6.8 Medium
AI Score
Confidence
High
5.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.005 Low
EPSS
Percentile
74.8%
The tunnels implementation in the Linux kernel before 2.6.34, when tunnel
functionality is configured as a module, allows remote attackers to cause a
denial of service (OOPS) by sending a packet during module loading.
Author | Note |
---|---|
mdeslaur | redhat bug has a mention of a regression, need to check |
apw | the regression was triggered by a poor backport and fixed by βFix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.β |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | linux | <Β 2.6.24-30.96 | UNKNOWN |
ubuntu | 10.04 | noarch | linux | <Β 2.6.32-34.73 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | <Β 2.6.32-318.37 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-fsl-imx51 | <Β 2.6.31-612.30 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-natty | <Β 2.6.38-1.27~lucid1 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-mvl-dove | <Β 2.6.32-218.35 | UNKNOWN |
ubuntu | 10.10 | noarch | linux-mvl-dove | <Β 2.6.32-418.35 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2011-1768
nvd.nist.gov/vuln/detail/CVE-2011-1768
security-tracker.debian.org/tracker/CVE-2011-1768
ubuntu.com/security/notices/USN-1203-1
ubuntu.com/security/notices/USN-1208-1
ubuntu.com/security/notices/USN-1216-1
ubuntu.com/security/notices/USN-1218-1
ubuntu.com/security/notices/USN-1256-1
ubuntu.com/security/notices/USN-1268-1
ubuntu.com/security/notices/USN-1271-1
www.cve.org/CVERecord?id=CVE-2011-1768