Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-1576

The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.

Published

2011-08-31T23:55:01.737

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.7 (MEDIUM)

CVSSv2 Vector

AV:A/AC:M/Au:N/C:N/I:N/A:C

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

5.5

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System linux linux_kernel 2.6.18 Yes
Operating System redhat enterprise_linux 5 Yes
Application redhat enterprise_virtualization_hypervisor * Yes
Operating System redhat enterprise_linux 6.0 Yes
References