Linux Kernel Vulnerability in Red Hat Enterprise Virtualization and Related Products
CVE-2011-1576

Currently unrated

Key Information:

Vendor: Linux
Status: Linux Kernel; Enterprise Linux
Vendor: CVE Published:; 31 August 2011

Summary

The Generic Receive Offload (GRO) feature in specific versions of the Linux kernel, deployed in Red Hat Enterprise Virtualization and other products, is susceptible to a denial of service attack. Remote attackers can exploit this vulnerability by sending specially crafted VLAN packets that trigger issues in the napi_reuse_skb function. This exploit can lead to serious problems, including memory leaks or memory corruption, affecting system stability and performance.

References

http://www.securityfocus.com/bid/48907

vdb-entryx_refsource_BID

http://www.redhat.com/support/errata/RHSA-2011-1106.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2011-0927.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Aug 31, 2011
Vulnerability Reserved
Apr 5, 2011