5.7 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:N/I:N/A:C
kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the Generic Receive Offload (GRO) functionality in the Linux kernel’s networking implementation. If both GRO and promiscuous mode were enabled on an interface in a virtual LAN (VLAN), it could result in a denial of service when a malformed VLAN frame is received on that interface.
docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Technical_Notes/kernel.html#RHSA-2011-0429
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=66c46d741e2e60f0e8b625b80edb0ab820c46d7a
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6d152e23ad1a7a5b40fef1f42e017d66e6115159
mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38
openwall.com/lists/oss-security/2011/03/28/1
secunia.com/advisories/46397
securityreason.com/securityalert/8480
www.securityfocus.com/archive/1/520102/100/0/threaded
www.vmware.com/security/advisories/VMSA-2011-0012.html
access.redhat.com/errata/RHSA-2011:0429
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=691270