CVE-2011-1581
kernel: bonding: Incorrect TX queue offset
Descriptions
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.
Timeline
- 2011-04-05 CVE Reserved
- 2011-05-26 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
References (7)
URL | Tag | Date |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd0e435b0fe85622f167b84432552885a4856ac8 | X_refsource_confirm | |
http://securitytracker.com/id?1025558 | Third Party Advisory | |
http://openwall.com/lists/oss-security/2011/04/13/16 | | 2023-02-13 |
http://openwall.com/lists/oss-security/2011/04/13/4 | | 2023-02-13 |
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 | | 2023-02-13 |
https://bugzilla.redhat.com/show_bug.cgi?id=696029 | | 2011-05-19 |
https://access.redhat.com/security/cve/CVE-2011-1581 | | 2011-05-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | < 2.6.39 | - | Affected |