Vulnerability Name:

CVE-2011-1576 (CCN-68863)

Assigned:2011-06-06
Published:2011-06-06
Updated:2023-02-13
Summary:The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.7 Medium (CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C)
4.2 Medium (Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.7 Medium (REDHAT CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C)
4.2 Medium (REDHAT Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-401
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-1576

Source: CCN
Type: RHSA-2011-0927
Important: kernel security and bug fix update

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2011-1090
Moderate: rhev-hypervisor security and bug fix update

Source: CCN
Type: RHSA-2011-1106
Moderate: kernel security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2011-1189
Important: kernel security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2011-1253
Important: kernel-rt security and bug fix update

Source: CCN
Type: SA46060
OpenVZ update for kernel

Source: CCN
Type: OpenVZ Web site
OpenVZ

Source: DEBIAN
Type: DSA-2303
linux-2.6 -- privilege escalation/denial of service/information leak

Source: CCN
Type: The Linux Kernel Archives Web site
The Linux Kernel Archives

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: BID-48907
Red Hat Linux Kernel VLAN Packets Handling Remote Denial of Service Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 695173
CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: XF
Type: UNKNOWN
kernel-vlan-dos(68863)

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:5::client:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20111576
    V
    		CVE-2011-1576
    2022-05-20
    oval:org.mitre.oval:def:27955
    P
    		ELSA-2011-2038 -- Unbreakable Enterprise kernel security update (important)
    2015-03-16
    oval:org.mitre.oval:def:28157
    P
    		ELSA-2011-2025 -- Unbreakable Enterprise kernel security and bug fix update (important)
    2015-03-16
    oval:org.mitre.oval:def:17757
    P
    		USN-1241-1 -- linux-fsl-imx51 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:20944
    P
    		USN-1240-1 -- linux-mvl-dove vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17903
    P
    		USN-1239-1 -- linux-ec2 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:21080
    P
    		USN-1219-1 -- linux-lts-backport-maverick vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15019
    P
    		USN-1256-1 -- Linux kernel (Natty backport) vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:21112
    P
    		USN-1227-1 -- linux vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17659
    P
    		USN-1245-1 -- linux-mvl-dove vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:20810
    P
    		USN-1220-1 -- linux-ti-omap4 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:14722
    P
    		USN-1253-1 -- Linux kernel vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:14888
    P
    		DSA-2303-2 linux-2.6 -- privilege escalation/denial of service/information leak
    2014-06-23
    oval:org.mitre.oval:def:14248
    P
    		DSA-2303-1 linux-2.6 -- privilege escalation/denial of service/information leak
    2014-06-23
    oval:org.mitre.oval:def:23330
    P
    		ELSA-2011:0927: kernel security and bug fix update (Important)
    2014-05-26
    oval:org.mitre.oval:def:23636
    P
    		ELSA-2011:1189: kernel security, bug fix, and enhancement update (Important)
    2014-05-26
    oval:org.mitre.oval:def:21896
    P
    		RHSA-2011:0927: kernel security and bug fix update (Important)
    2014-02-24
    oval:org.mitre.oval:def:22054
    P
    		RHSA-2011:1189: kernel security, bug fix, and enhancement update (Important)
    2014-02-24
    oval:org.mitre.oval:def:20615
    V
    		VMware ESXi and ESX updates to third party library and ESX Service Console
    2014-01-20
    oval:com.redhat.rhsa:def:20111189
    P
    		RHSA-2011:1189: kernel security, bug fix, and enhancement update (Important)
    2011-08-23
    oval:com.redhat.rhsa:def:20110927
    P
    		RHSA-2011:0927: kernel security and bug fix update (Important)
    2011-07-15
    BACK
    redhat enterprise linux 5
    redhat enterprise linux desktop 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    redhat enterprise linux server eus 6.1.z
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6
    redhat enterprise virtualization 2.2
    redhat enterprise mrg 2.0