CVE-2011-1478

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.38

Description The issue is related to the Generic Receive Offload (GRO) implementation in the Linux kernel. A problem in the napi reuse skb function in net/core/dev.c does not reset the values of certain structure members. This could allow remote attackers to cause a denial of service, specifically a NULL pointer dereference, by manipulating a VLAN frame. Additionally, there are multiple vulnerabilities in the ext4dev-kmp-trace package of the SUSE Linux Enterprise operating system that can lead to disruption of protected information availability, potentially exploitable remotely.

Recommendations For Linux kernel versions prior to 2.6.38, update to version 2.6.38 or later to resolve the issue. At the moment, there is no information about a newer version that contains a fix for the ext4dev-kmp-trace package vulnerabilities in the SUSE Linux Enterprise operating system.