Upstream information
Description
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 5.7 |
| Vector | AV:A/AC:M/Au:N/C:N/I:N/A:C |
| Access Vector | Adjacent Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
Note from the SUSE Security Team
This issue only affects kernels that have the generic checksum offload infrastructure, including kernels after 2.6.29. Earlier kernels ando SUSE Linux Enterprise releases up to and including SUSE Linux Enterprise 10 are not affected. SUSE Bugzilla entry: 709164 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2012:0206-1, published Fri Dec 8 15:48:31 2023
- openSUSE-SU-2012:0236-1, published Fri Dec 8 15:48:31 2023
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 19:12:59 2013CVE page last modified: Fri Dec 8 16:49:53 2023