Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2011-4326 | First vendor Publication | 2012-05-17 |
Vendor | Cve | Last vendor Modification | 2023-02-13 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4326 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15273 | |||
Oval ID: | oval:org.mitre.oval:def:15273 | ||
Title: | USN-1294-1 -- Linux kernel (Oneiric backport) vulnerabilities | ||
Description: | linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1294-1 CVE-2011-1162 CVE-2011-2494 CVE-2011-2942 CVE-2011-3209 CVE-2011-3638 CVE-2011-4087 CVE-2011-4326 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28092 | |||
Oval ID: | oval:org.mitre.oval:def:28092 | ||
Title: | ELSA-2011-2033 -- Unbreakable Enterprise kernel security update (important) | ||
Description: | [2.6.32-200.23.1.el6uek] - net: Remove atmclip.h to prevent break kabi check. - KConfig: add CONFIG_UEK5=n to ol6/config-generic [2.6.32-200.22.1.el6uek] - ipv6: make fragment identifications less predictable (Joe Jin) {CVE-2011-2699} - vlan: fix panic when handling priority tagged frames (Joe Jin) {CVE-2011-3593} - ipv6: udp: fix the wrong headroom check (Maxim Uvarov) {CVE-2011-4326} - b43: allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) {CVE-2011-3359} - fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (Maxim Uvarov) {CVE-2011-3353} - cifs: fix possible memory corruption in CIFSFindNext (Maxim Uvarov) {CVE-2011-3191} - crypto: md5 - Add export support (Maxim Uvarov) {CVE-2011-2699} - fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops (Maxim Uvarov) {CVE-2011-1577} - block: use struct parsed_partitions *state universally in partition check code (Maxim Uvarov) - net: Compute protocol sequence numbers and fragment IDs using MD5. (Maxim Uvarov) {CVE-2011-3188} - crypto: Move md5_transform to lib/md5.c (Maxim Uvarov) {CVE-2011-3188} - perf tools: do not look at ./config for configuration (Maxim Uvarov) {CVE-2011-2905} - Make TASKSTATS require root access (Maxim Uvarov) {CVE-2011-2494} - TPM: Zero buffer after copying to userspace (Maxim Uvarov) {CVE-2011-1162} - TPM: Call tpm_transmit with correct size (Maxim Uvarov){CVE-2011-1161} - fnic: fix panic while booting in fnic(Xiaowei Hu) - Revert 'PCI hotplug: acpiphp: set current_state to D0 in register_slot' (Guru Anbalagane) - xen: drop xen_sched_clock in favour of using plain wallclock time (Jeremy Fitzhardinge) [2.6.32-200.21.1.el6uek] - PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [orabug 13033435] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-2033 CVE-2011-1162 CVE-2011-1577 CVE-2011-2494 CVE-2011-2699 CVE-2011-3188 CVE-2011-3191 CVE-2011-3353 CVE-2011-3593 CVE-2011-4326 | Version: | 5 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28166 | |||
Oval ID: | oval:org.mitre.oval:def:28166 | ||
Title: | DEPRECATED: ELSA-2011-1465 -- kernel security and bug fix update (important) | ||
Description: | [2.6.32-131.21.1.el6] - [net] ipv6/udp: fix the wrong headroom check (Thomas Graf) [753167 698170] [2.6.32-131.20.1.el6] - [net] vlan: fix panic when handling priority tagged frames (Andy Gospodarek) [742849 714936] {CVE-2011-3593} - [netdrv] igb: fix WOL on second port of i350 device (Frantisek Hrbata) [743807 718293] - [kernel] fix taskstats io infoleak (Jerome Marchand) [716847 716848] {CVE-2011-2494} - [tpm] Zero buffer after copying to userspace (Jiri Benc) [732632 732633] {CVE-2011-1162} - [scsi] Revert megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [741167 736667] - [x86] acpi: Prevent acpiphp from deadlocking on PCI-to-PCI bridge remove (Prarit Bhargava) [745557 732706] - [net] sctp: deal with multiple COOKIE_ECHO chunks (Frantisek Hrbata) [743510 729220] - [scsi] iscsi_tcp: fix locking around iscsi sk user data (Mike Christie) [741704 647268] - [kernel] first time swap use results in heavy swapping (Hendrik Brueckner) [747868 722461] - [scsi] Reduce error recovery time by reducing use of TURs (Mike Christie) [744811 691945] - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [738301 692709] {CVE-2011-3363} - [fs] cifs: always do is_path_accessible check in cifs_mount (Jeff Layton) [738301 692709] {CVE-2011-3363} - [net] ipv6: fix NULL dereference in udp6_ufo_fragment() (Jason Wang) [748808 740465] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699} [2.6.32-131.19.1.el6] - [scsi] scan: don't fail scans when host is in recovery (Mike Christie) [734774 713682] - [netdrv] b43: allocate receive buffers big enough for max frame len + offset (RuiRui Yang) [738204 738205] {CVE-2011-3359} - [fs] fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (RuiRui Yang) [736764 736765] {CVE-2011-3353} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [737482 730354] {CVE-2011-3191} - [kernel] perf tools: do not look at ./config for configuration (Jiri Benc) [730203 730204] {CVE-2011-2905} - [x86] mm: Fix pgd_lock deadlock (Andrew Jones) [737570 691310] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Andrew Jones) [737570 691310] - [mm] Revert 'fix pgd_lock deadlock' (Andrew Jones) [737570 691310] - [fs] corrupted GUID partition tables can cause kernel oops (Jerome Marchand) [695981 695982] {CVE-2011-1577} - [net] Compute protocol sequence numbers and fragment IDs using MD5. (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [fs] SUNRPC: Fix use of static variable in rpcb_getport_async (Steve Dickson) [740230 723650] - [fs] NFSv4.1: update nfs4_fattr_bitmap_maxsz (Steve Dickson) [740230 723650] - [fs] SUNRPC: Fix a race between work-queue and rpc_killall_tasks (Steve Dickson) [740230 723650] - [fs] SUNRPC: Ensure we always run the tk_callback before tk_action (Steve Dickson) [740230 723650] - [misc] enclosure: fix error path to actually return ERR_PTR() on error (Tomas Henzl) [741166 713730] - [virt] KVM: make guest mode entry to be rcu quiescent state (Gleb Natapov) [740352 712653] - [virt] rcu: provide rcu_virt_note_context_switch() function (Gleb Natapov) [740352 712653] [2.6.32-131.18.1.el6] - [sched] wait_for_completion_interruptible_timeout() should return signed long (J. Bruce Fields) [745413 738379] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1465 CVE-2011-1162 CVE-2011-1577 CVE-2011-2494 CVE-2011-2699 CVE-2011-2905 CVE-2011-3188 CVE-2011-3191 CVE-2011-3353 CVE-2011-3359 CVE-2011-3363 CVE-2011-3593 CVE-2011-4326 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
2011-12-23 | Name : Ubuntu Update for linux USN-1311-1 File : nvt/gb_ubuntu_USN_1311_1.nasl |
2011-12-16 | Name : Ubuntu Update for linux-ec2 USN-1299-1 File : nvt/gb_ubuntu_USN_1299_1.nasl |
2011-12-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1302-1 File : nvt/gb_ubuntu_USN_1302_1.nasl |
2011-12-16 | Name : Ubuntu Update for linux-mvl-dove USN-1303-1 File : nvt/gb_ubuntu_USN_1303_1.nasl |
2011-12-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1304-1 File : nvt/gb_ubuntu_USN_1304_1.nasl |
2011-12-09 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1292-1 File : nvt/gb_ubuntu_USN_1292_1.nasl |
2011-12-09 | Name : Ubuntu Update for linux USN-1293-1 File : nvt/gb_ubuntu_USN_1293_1.nasl |
2011-12-09 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1294-1 File : nvt/gb_ubuntu_USN_1294_1.nasl |
2011-12-05 | Name : Ubuntu Update for linux USN-1286-1 File : nvt/gb_ubuntu_USN_1286_1.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
77295 | Linux Kernel UFO IPv6 UDP Datagram Parsing Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-12-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1311-1.nasl - Type : ACT_GATHER_INFO |
2011-12-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO |
2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1304-1.nasl - Type : ACT_GATHER_INFO |
2011-12-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1303-1.nasl - Type : ACT_GATHER_INFO |
2011-12-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1299-1.nasl - Type : ACT_GATHER_INFO |
2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1302-1.nasl - Type : ACT_GATHER_INFO |
2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1292-1.nasl - Type : ACT_GATHER_INFO |
2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1293-1.nasl - Type : ACT_GATHER_INFO |
2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1294-1.nasl - Type : ACT_GATHER_INFO |
2011-12-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1286-1.nasl - Type : ACT_GATHER_INFO |
2011-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO |
2011-11-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:17:36 |
|
2024-02-01 12:05:12 |
|
2023-09-05 12:16:31 |
|
2023-09-05 01:05:05 |
|
2023-09-02 12:16:37 |
|
2023-09-02 01:05:10 |
|
2023-08-12 12:20:12 |
|
2023-08-12 01:05:11 |
|
2023-08-11 12:16:42 |
|
2023-08-11 01:05:21 |
|
2023-08-06 12:16:03 |
|
2023-08-06 01:05:11 |
|
2023-08-04 12:16:07 |
|
2023-08-04 01:05:12 |
|
2023-07-14 12:16:07 |
|
2023-07-14 01:05:09 |
|
2023-03-29 01:18:00 |
|
2023-03-28 12:05:17 |
|
2023-02-13 09:28:50 |
|
2023-02-02 21:28:44 |
|
2022-10-11 12:14:23 |
|
2022-10-11 01:04:54 |
|
2022-03-11 01:11:49 |
|
2021-05-25 12:09:05 |
|
2021-05-04 12:18:49 |
|
2021-04-22 01:22:28 |
|
2020-08-11 12:06:59 |
|
2020-08-08 01:07:01 |
|
2020-08-07 12:07:08 |
|
2020-08-07 01:07:16 |
|
2020-08-01 09:22:48 |
|
2020-08-01 05:22:45 |
|
2020-07-29 21:23:06 |
|
2020-07-28 17:22:40 |
|
2020-05-23 01:47:31 |
|
2020-05-23 00:32:12 |
|
2019-01-25 12:04:25 |
|
2018-11-17 12:02:57 |
|
2018-10-30 12:04:44 |
|
2016-07-01 11:08:00 |
|
2016-06-29 00:23:33 |
|
2016-06-28 18:54:04 |
|
2016-04-26 21:13:49 |
|
2015-05-06 09:28:09 |
|
2014-07-23 13:24:40 |
|
2014-02-17 11:06:11 |
|
2013-05-10 23:10:27 |
|