Linux · Linux Kernel · CVE-2018-1000026
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions 4.8 and later
Description:
The issue is related to insufficient input validation in the bnx2x network card driver, which can lead to a denial of service (DoS) condition where the network card firmware assertion takes the card offline. An attacker can exploit this by sending a very large, specially crafted packet to the bnx2x card, potentially from an untrusted guest VM.
Recommendations:
For Linux kernel versions 4.8 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.