Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.7
CVSSv2

CVE-2011-1478

Published: 23/10/2011 Updated: 13/02/2023
CVSS v2 Base Score: 5.7 | Impact Score: 6.9 | Exploitability Score: 5.5
VMScore: 508
Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel prior to 2.6.38 does not reset the values of certain structure members, which might allow remote malicious users to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian Security Advisories: DSA-2240-1 linux-2.6 -- privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX25 Level 2 protocol Local u ...
Ubuntu Security Notice: linux-fsl-imx51 vulnerabilities
Multiple kernel flaws have been fixed ...
Ubuntu Security Notice: linux-lts-backport-natty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux, linux-ec2 vulnerabilities
Multiple kernel vulnerabilities have been fixed ...
Ubuntu Security Notice: linux-mvl-dove vulnerabilities
Multiple kernel flaws have been fixed ...
Ubuntu Security Notice: linux vulnerabilities
Multiple kernel vulnerabilities have been fixed ...
Ubuntu Security Notice: linux-mvl-dove vulnerabilities
Multiple kernel flaws have been fixed ...
Ubuntu Security Notice: linux-lts-backport-maverick vulnerabilities
Multiple kernel flaws have been fixed ...
Ubuntu Security Notice: linux-ti-omap4 vulnerabilities
Multiple kernel flaws have been fixed ...

Exploits

Exploit DB: Ubuntu Security Notice USN-1202-1
Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

References

CWE-476http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38https://bugzilla.redhat.com/show_bug.cgi?id=691270http://secunia.com/advisories/46397http://openwall.com/lists/oss-security/2011/03/28/1http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttp://securityreason.com/securityalert/8480http://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7ahttps://nvd.nist.govhttps://www.debian.org/security/./dsa-2240https://usn.ubuntu.com/1204-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook