CVE-2011-3347
Priority
Low
Description
A certain Red Hat patch to the be2net implementation in the kernel package
before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when
promiscuous mode is enabled, allows remote attackers to cause a denial of
service (system crash) via non-member VLAN packets.
before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when
promiscuous mode is enabled, allows remote attackers to cause a denial of
service (system crash) via non-member VLAN packets.
Ubuntu-Description
Somnath Kotur discovered an error in the Linux kernel's VLAN (virtual lan)
and be2net drivers. An attacker on the local network could exploit this
flaw to cause a denial of service.
and be2net drivers. An attacker on the local network could exploit this
flaw to cause a denial of service.
References
Notes
apw> https://bugzilla.redhat.com/show_bug.cgi?id=748691
apw> looks to be 4 commits to fix:
apw> ecd0bf0f7b280bac3ac7419ed3aac84cd92878e9
apw> 4c5102f94c175d81790a3a288e85efd4a8a1649a
apw> c0e64ef4899df4cedc872871e54e2c069d29e519
apw> 343e43c02850a3abcd22bd144e5bdbc92fdd273c
apw> issue looks to be exposed by:
apw> 1da87b7fafebb7874622602f79a5fec0425aede7.
apw> the last of these commits is a change to the use of unlikely and therefore
apw> not really part of the fix, therefore dropping:
apw> 343e43c02850a3abcd22bd144e5bdbc92fdd273c
apw> looks to be 4 commits to fix:
apw> ecd0bf0f7b280bac3ac7419ed3aac84cd92878e9
apw> 4c5102f94c175d81790a3a288e85efd4a8a1649a
apw> c0e64ef4899df4cedc872871e54e2c069d29e519
apw> 343e43c02850a3abcd22bd144e5bdbc92fdd273c
apw> issue looks to be exposed by:
apw> 1da87b7fafebb7874622602f79a5fec0425aede7.
apw> the last of these commits is a change to the use of unlikely and therefore
apw> not really part of the fix, therefore dropping:
apw> 343e43c02850a3abcd22bd144e5bdbc92fdd273c
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1600.1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1602.5) |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-17.30~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Patches:
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1.1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1.1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-1.1) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.2.0-1.1) |
Patches:
| Vendor: | https://rhn.redhat.com/errata/RHSA-2011-1386.html |
| Introduced by 1da87b7fafebb7874622602f79a5fec0425aede7 | Fixed by ecd0bf0f7b280bac3ac7419ed3aac84cd92878e9 |
| Introduced by 1da87b7fafebb7874622602f79a5fec0425aede7 | Fixed by 4c5102f94c175d81790a3a288e85efd4a8a1649a |
| Introduced by 1da87b7fafebb7874622602f79a5fec0425aede7 | Fixed by c0e64ef4899df4cedc872871e54e2c069d29e519 |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1401.1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1401.1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-1401.1) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.2.0-1401.1) |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.2~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |