CVE-2011-1581

kernel: bonding: Incorrect TX queue offset

Severity Score

9.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.

La función bond_select_queue en drivers/net/bonding/bond_main.c en el kernel de Linux anteriores a v2.6.39, cuando esta configurado un dispositivo de red con un gran número de colas de recepción pero el tx_queues es el predeterminado, no restringen adecuadamente los índices de cola, lo que permite a atacantes remotos provocar una denegación de servicio (BUG y caída del sistema) o posiblemente tener un impacto no especificado mediante el envío de tráfico de red.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Complete

Attack Vector

Adjacent

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-04-05 CVE Reserved
2011-05-26 CVE Published
2024-06-11 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (7)

URL	Tag	Source
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd0e435b0fe85622f167b84432552885a4856ac8	X_refsource_confirm
http://securitytracker.com/id?1025558	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://openwall.com/lists/oss-security/2011/04/13/16	2023-02-13
http://openwall.com/lists/oss-security/2011/04/13/4	2023-02-13

URL	Date	SRC
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39	2023-02-13
https://bugzilla.redhat.com/show_bug.cgi?id=696029	2011-05-19
https://access.redhat.com/security/cve/CVE-2011-1581	2011-05-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 2.6.39 Search vendor "Linux" for product "Linux Kernel" and version " < 2.6.39"		-		Affected