Vulnerabilities > CVE-2011-4112
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.
Vulnerable Configurations
References
- http://downloads.avaya.com/css/P8/documents/100156038
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=550fd08c2cebad61c548def135f67aba284c6162
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
- http://www.openwall.com/lists/oss-security/2011/11/21/4
- https://bugzilla.redhat.com/show_bug.cgi?id=751006
- https://github.com/torvalds/linux/commit/550fd08c2cebad61c548def135f67aba284c6162
- http://downloads.avaya.com/css/P8/documents/100156038
- https://github.com/torvalds/linux/commit/550fd08c2cebad61c548def135f67aba284c6162
- https://bugzilla.redhat.com/show_bug.cgi?id=751006
- http://www.openwall.com/lists/oss-security/2011/11/21/4
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=550fd08c2cebad61c548def135f67aba284c6162