CVE-2011-1576

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.18 through 2.6.32 Red Hat Enterprise Linux 5 and 6 (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi reuse skb function, leading to a memory leak or memory corruption. Multiple vulnerabilities in the ext4dev-kmp-trace package of SUSE Linux Enterprise may also lead to disruption of protected information availability, which can be exploited remotely.

Recommendations For Linux kernel version 2.6.18, update to a version that includes the fix for the GRO implementation issue. For Linux kernel version 2.6.32, update to a version that includes the fix for the GRO implementation issue. For Red Hat Enterprise Linux 5 and 6, apply the relevant patches or updates to address the vulnerability. As a temporary workaround, consider restricting access to the napi reuse skb function until a patch is available. Avoid using crafted VLAN packets in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability in the ext4dev-kmp-trace package of SUSE Linux Enterprise.