Your submission was sent successfully! Close

CVE-2011-1927

Published: 18 May 2011

The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.

From the Ubuntu security team

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service.

Priority

High

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid Not vulnerable

maverick
Released (2.6.35-32.66)
natty
Released (2.6.38-10.44)
oneiric
Released (2.6.39-3.9)
upstream
Released (2.6.39)
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.35-32.66~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-10.44~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (3.0.0-5.6~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Not vulnerable

natty Does not exist

oneiric Does not exist

upstream
Released (2.6.39)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick
Released (2.6.35-903.31)
natty
Released (2.6.38-1209.22)
oneiric
Released (3.0.0-1200.1)
upstream
Released (2.6.39)