CVE-2011-3593 | Ubuntu

A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames.

From the Ubuntu Security Team

Gideon Naim discovered a flaw in the Linux kernel's handling VLAN 0 frames. An attacker on the local network could exploit this flaw to cause a denial of service.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	11.10 oneiric	Not affected
	11.04 natty	Not affected
	10.10 maverick	Fixed 2.6.35-30.60
	10.04 LTS lucid	Fixed 2.6.32-35.78
	8.04 LTS hardy	Not affected
linux-armadaxp	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release
linux-ec2	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Ignored end of life
	10.04 LTS lucid	Fixed 2.6.32-319.39
	8.04 LTS hardy	Not in release
linux-fsl-imx51	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.31-611.29
	8.04 LTS hardy	Not in release
linux-lts-backport-maverick	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.35-30.60~lucid1
	8.04 LTS hardy	Not in release
linux-lts-backport-natty	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
linux-lts-backport-oneiric	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
linux-mvl-dove	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Fixed 2.6.32-419.37
	10.04 LTS lucid	Fixed 2.6.32-219.37
	8.04 LTS hardy	Not in release
linux-ti-omap4	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	11.10 oneiric	Not affected
	11.04 natty	Not affected
	10.10 maverick	Fixed 2.6.35-903.25
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release

Notes

apw

https://bugzilla.redhat.com/show_bug.cgi?id=742846 fixed by 3701e51382a026cba10c60b03efabe534fba4ca4 introduced by e1c096e251e52773afeffbbcb74d0a072be47ea3 the actual fix is a switch from using vlan_dev_real_dev to vlan_find_dev

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Vendor: https://rhn.redhat.com/errata/RHSA-2011-1465.html Introduced by e1c096e, fixed by 3701e51

References

Related Ubuntu Security Notices (USN)

USN-1219-1
Linux kernel (Maverick backport) vulnerabilities
29 September 2011

USN-1241-1
Linux kernel (i.MX51) vulnerabilities
25 October 2011

USN-1253-1
Linux kernel vulnerabilities
8 November 2011

USN-1239-1
Linux kernel (EC2) vulnerabilities
25 October 2011

USN-1220-1
Linux kernel (OMAP4) vulnerabilities
29 September 2011

USN-1240-1
Linux kernel (Marvell DOVE) vulnerabilities
25 October 2011

USN-1227-1
Linux kernel vulnerabilities
11 October 2011

USN-1245-1
Linux kernel (Marvell DOVE) vulnerabilities
25 October 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-3593