CVE-2011-1581

EPSS 1.07%
Published 26.05.2011 16:55:04
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 2.6.39

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.07%	0.757

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	10	8.5	AV:N/AC:L/Au:N/C:P/I:P/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd0e435b0fe85622f167b84432552885a4856ac8

http://openwall.com/lists/oss-security/2011/04/13/16

Patch

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2011/04/13/4

Patch

Third Party Advisory

Mailing List

http://securitytracker.com/id?1025558

Third Party Advisory

VDB Entry