CVE-2011-1768
Published: 06 October 2011
The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.
From the Ubuntu security team
It was discovered that the IP/IP protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ipip module was loading, and crash the system, leading to a denial of service.
Priority
Status
Notes
Author | Note |
---|---|
mdeslaur | redhat bug has a mention of a regression, need to check |
apw | the regression was triggered by a poor backport and fixed by "Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels." |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1768
- https://usn.ubuntu.com/usn/usn-1203-1
- https://usn.ubuntu.com/usn/usn-1208-1
- https://usn.ubuntu.com/usn/usn-1216-1
- https://usn.ubuntu.com/usn/usn-1218-1
- https://usn.ubuntu.com/usn/usn-1256-1
- https://usn.ubuntu.com/usn/usn-1268-1
- https://usn.ubuntu.com/usn/usn-1271-1
- NVD
- Launchpad
- Debian