Linux · Linux Kernel · CVE-2011-1576
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions 2.6.18 through 2.6.32
Red Hat Enterprise Linux 5 and 6 (affected versions not specified)
**Description**
The issue allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi reuse skb function, leading to a memory leak or memory corruption. Multiple vulnerabilities in the ext4dev-kmp-trace package of SUSE Linux Enterprise may also lead to disruption of protected information availability, which can be exploited remotely.
**Recommendations**
For Linux kernel version 2.6.18, update to a version that includes the fix for the GRO implementation issue.
For Linux kernel version 2.6.32, update to a version that includes the fix for the GRO implementation issue.
For Red Hat Enterprise Linux 5 and 6, apply the relevant patches or updates to address the vulnerability.
As a temporary workaround, consider restricting access to the napi reuse skb function until a patch is available.
Avoid using crafted VLAN packets in the affected API endpoints until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability in the ext4dev-kmp-trace package of SUSE Linux Enterprise.