CVE-2011-1768

2011-10-0600:00:00

ubuntu.com

6.8 Medium

AI Score

Confidence

High

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

0.005 Low

EPSS

Percentile

74.8%

JSON

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel
functionality is configured as a module, allows remote attackers to cause a
denial of service (OOPS) by sending a packet during module loading.

Bugs

Notes

Author	Note
mdeslaur	redhat bug has a mention of a regression, need to check
apw	the regression was triggered by a poor backport and fixed by “Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.”

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-30.96UNKNOWN
ubuntu10.04noarchlinux< 2.6.32-34.73UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-318.37UNKNOWN
ubuntu10.04noarchlinux-fsl-imx51< 2.6.31-612.30UNKNOWN
ubuntu10.04noarchlinux-lts-backport-natty< 2.6.38-1.27~lucid1UNKNOWN
ubuntu10.04noarchlinux-mvl-dove< 2.6.32-218.35UNKNOWN
ubuntu10.10noarchlinux-mvl-dove< 2.6.32-418.35UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-30.96	UNKNOWN
ubuntu	10.04	noarch	linux	< 2.6.32-34.73	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-318.37	UNKNOWN
ubuntu	10.04	noarch	linux-fsl-imx51	< 2.6.31-612.30	UNKNOWN
ubuntu	10.04	noarch	linux-lts-backport-natty	< 2.6.38-1.27~lucid1	UNKNOWN
ubuntu	10.04	noarch	linux-mvl-dove	< 2.6.32-218.35	UNKNOWN
ubuntu	10.10	noarch	linux-mvl-dove	< 2.6.32-418.35	UNKNOWN