Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-1576

Published: 31 August 2011

The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.

From the Ubuntu Security Team

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid
Released (2.6.32-35.78)
maverick
Released (2.6.35-30.60)
natty
Released (2.6.37-2.9)
oneiric Not vulnerable
(2.6.39-0.0)
upstream
Released (2.6.37~rc1)
Patches:
Introduced by

5d0d9be8ef456afc6c3fb5f8aad06ef19b704b05

Fixed by 3701e51382a026cba10c60b03efabe534fba4ca4
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-319.39)
maverick Ignored
(end of life)
natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.31-611.29)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.35-30.60~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-1.27~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-219.37)
maverick
Released (2.6.32-419.37)
natty Does not exist

oneiric Does not exist

upstream
Released (2.6.37~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick
Released (2.6.35-903.25)
natty
Released (2.6.38-1201.2)
oneiric Not vulnerable
(2.6.38-1309.13)
upstream
Released (2.6.37~rc1)