7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.8%
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before
2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is
enabled, allows remote attackers to cause a denial of service (system
crash) by sending fragmented IPv6 UDP packets to a bridge device.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | linux | < 2.6.32-37.81 | UNKNOWN |
ubuntu | 10.10 | noarch | linux | < 2.6.35-31.63 | UNKNOWN |
ubuntu | 11.04 | noarch | linux | < 2.6.38-11.47 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-341.42 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-maverick | < 2.6.35-31.63~lucid1 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-natty | < 2.6.38-11.49~lucid1 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-oneiric | < 3.0.0-5.6~lucid1 | UNKNOWN |
ubuntu | 10.10 | noarch | linux-mvl-dove | < 2.6.32-421.39 | UNKNOWN |
ubuntu | 10.10 | noarch | linux-ti-omap4 | < 2.6.35-903.28 | UNKNOWN |
ubuntu | 11.04 | noarch | linux-ti-omap4 | < 2.6.38-1209.18 | UNKNOWN |
article.gmane.org/gmane.linux.network/192959
www.openwall.com/lists/oss-security/2011/11/21/9
launchpad.net/bugs/cve/CVE-2011-4326
nvd.nist.gov/vuln/detail/CVE-2011-4326
security-tracker.debian.org/tracker/CVE-2011-4326
ubuntu.com/security/notices/USN-1193-1
ubuntu.com/security/notices/USN-1256-1
ubuntu.com/security/notices/USN-1286-1
ubuntu.com/security/notices/USN-1292-1
ubuntu.com/security/notices/USN-1293-1
ubuntu.com/security/notices/USN-1294-1
ubuntu.com/security/notices/USN-1299-1
ubuntu.com/security/notices/USN-1302-1
ubuntu.com/security/notices/USN-1303-1
ubuntu.com/security/notices/USN-1304-1
ubuntu.com/security/notices/USN-1311-1
www.cve.org/CVERecord?id=CVE-2011-4326