LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2011-4326 CVE-2011-3593 CVE-2011-3359
Created:November 28, 2011 Updated:November 30, 2011
Description: From the Oracle advisory:

A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload (UFO) functionality on. A remote attacker could use this flaw to cause a denial of service. (CVE-2011-4326, Important)

A flaw was found in the way the Linux kernel handled VLAN 0 frames with the priority tag set. When using certain network drivers, an attacker on the local network could use this flaw to cause a denial of service. (CVE-2011-3593, Moderate)

allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) {CVE-2011-3359}

Alerts:
Ubuntu USN-1311-1 2011-12-19
SUSE SUSE-SU-2011:1319-2 2011-12-14
SUSE SUSE-SU-2011:1319-1 2011-12-13
Ubuntu USN-1304-1 2011-12-13
Ubuntu USN-1303-1 2011-12-13
Ubuntu USN-1302-1 2011-12-13
Ubuntu USN-1299-1 2011-12-13
SUSE SUSE-SA:2011:046 2011-12-13
Ubuntu USN-1294-1 2011-12-08
Ubuntu USN-1293-1 2011-12-08
Ubuntu USN-1292-1 2011-12-08
Ubuntu USN-1286-1 2011-12-03
Fedora FEDORA-2011-16346 2011-11-23
Oracle ELSA-2011-1465 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Red Hat RHSA-2012:0010-01 2012-01-10
Ubuntu USN-1325-1 2012-01-11
Ubuntu USN-1323-1 2012-01-11
SUSE SUSE-SU-2012:0364-1 2012-03-14
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds