CVE-2011-1767
Published: 06 October 2011
net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.
From the Ubuntu security team
It was discovered that the GRE protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ip_gre module was loading, and crash the system, leading to a denial of service.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
Patches: Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by c2892f02712e9516d72841d5c019ed6916329794 |
||
linux-armadaxp Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-lts-quantal Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-lts-raring Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.34~rc1)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1767
- https://rhn.redhat.com/errata/RHSA-2011-1253.html
- http://www.openwall.com/lists/oss-security/2010/02/18/3
- https://usn.ubuntu.com/usn/usn-1203-1
- https://usn.ubuntu.com/usn/usn-1208-1
- https://usn.ubuntu.com/usn/usn-1216-1
- https://usn.ubuntu.com/usn/usn-1218-1
- https://usn.ubuntu.com/usn/usn-1256-1
- https://usn.ubuntu.com/usn/usn-1268-1
- https://usn.ubuntu.com/usn/usn-1271-1
- NVD
- Launchpad
- Debian