CVE-2011-1581
kernel: bonding: Incorrect TX queue offset
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
La función bond_select_queue en drivers/net/bonding/bond_main.c en el kernel de Linux anteriores a v2.6.39, cuando esta configurado un dispositivo de red con un gran número de colas de recepción pero el tx_queues es el predeterminado, no restringen adecuadamente los índices de cola, lo que permite a atacantes remotos provocar una denegación de servicio (BUG y caída del sistema) o posiblemente tener un impacto no especificado mediante el envío de tráfico de red.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-04-05 CVE Reserved
- 2011-05-26 CVE Published
- 2024-08-06 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd0e435b0fe85622f167b84432552885a4856ac8 | X_refsource_confirm | |
http://securitytracker.com/id?1025558 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://openwall.com/lists/oss-security/2011/04/13/16 | 2023-02-13 | |
http://openwall.com/lists/oss-security/2011/04/13/4 | 2023-02-13 |
URL | Date | SRC |
---|---|---|
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 | 2023-02-13 | |
https://bugzilla.redhat.com/show_bug.cgi?id=696029 | 2011-05-19 | |
https://access.redhat.com/security/cve/CVE-2011-1581 | 2011-05-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 2.6.39 Search vendor "Linux" for product "Linux Kernel" and version " < 2.6.39" | - |
Affected
|