CVE-2011-1768

Published: 06 October 2011

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.

From the Ubuntu security team

It was discovered that the IP/IP protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ipip module was loading, and crash the system, leading to a denial of service.

Status

Notes

redhat bug has a mention of a regression, need to check

the regression was triggered by a poor backport and fixed by
"Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels."

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1768
• https://usn.ubuntu.com/usn/usn-1203-1
• https://usn.ubuntu.com/usn/usn-1208-1
• https://usn.ubuntu.com/usn/usn-1216-1
• https://usn.ubuntu.com/usn/usn-1218-1
• https://usn.ubuntu.com/usn/usn-1256-1
• https://usn.ubuntu.com/usn/usn-1268-1
• https://usn.ubuntu.com/usn/usn-1271-1
• NVD
• Launchpad
• Debian

Bugs

• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1768
• https://launchpad.net/bugs/869215