// For flags

CVE-2011-4112

 

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.

El subsistema de red en el kernel de Linux antes de v3.1 no restringe adecuadamente el uso de la bandera IFF_TX_SKB_SHARING, lo que permite a usuarios locales causar una denegaciĆ³n de servicio (panic) mediante el aprovechamiento de la funcionalidad CAP_NET_ADMIN para acceder a /proc/net/pktgen/pgctrl para, a continuaciĆ³n, usar el paquete pktgen junto con un dispositivo de puente para una interfaz VLAN.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-10-18 CVE Reserved
  • 2012-05-17 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Avaya
Search vendor "Avaya"
 9608 Firmware
Search vendor "Avaya" for product "9608 Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9608 Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9608
Search vendor "Avaya" for product "9608"
--
Safe
Avaya
Search vendor "Avaya"
 9608g Firmware
Search vendor "Avaya" for product "9608g Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9608g Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9608g
Search vendor "Avaya" for product "9608g"
--
Safe
Avaya
Search vendor "Avaya"
 9611g Firmware
Search vendor "Avaya" for product "9611g Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9611g Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9611g
Search vendor "Avaya" for product "9611g"
--
Safe
Avaya
Search vendor "Avaya"
 9621g Firmware
Search vendor "Avaya" for product "9621g Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9621g Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9621g
Search vendor "Avaya" for product "9621g"
--
Safe
Avaya
Search vendor "Avaya"
 9641g Firmware
Search vendor "Avaya" for product "9641g Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9641g Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9641g
Search vendor "Avaya" for product "9641g"
--
Safe
Avaya
Search vendor "Avaya"
 9641gs Firmware
Search vendor "Avaya" for product "9641gs Firmware"
 >= 6.0 <= 6.6.0
Search vendor "Avaya" for product "9641gs Firmware" and version " >= 6.0 <= 6.6.0"
-
Affected
in Avaya
Search vendor "Avaya"
 9641gs
Search vendor "Avaya" for product "9641gs"
--
Safe
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 3.1
Search vendor "Linux" for product "Linux Kernel" and version " < 3.1"
-
Affected