Linux Kernel Headroom Check 'udp6_ufo_fragment()' Remote Denial of Service Vulnerability
BID:50751
Info
| Bugtraq ID: | 50751 |
| Class: | Design Error |
| CVE: | CVE-2011-4326 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 21 2011 12:00AM |
| Updated: | May 07 2015 05:12PM |
| Credit: | Petr Matousek |
| Vulnerable: |
Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.10 powerpc Ubuntu Ubuntu Linux 10.10 i386 Ubuntu Ubuntu Linux 10.10 ARM Ubuntu Ubuntu Linux 10.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise Real Time 11 SP1 SuSE SUSE Linux Enterprise High Availability Extension 11 SP1 SuSE SUSE Linux Enterprise Desktop 11 SP1 Red Hat MRG Realtime for RHEL 6 Server 2 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop 6 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 OpenVZ Project OpenVZ 042stab039.10 OpenVZ Project OpenVZ 042stab037.1 OpenVZ Project OpenVZ 028stab095.1 OpenVZ Project OpenVZ 028stab092.2 OpenVZ Project OpenVZ 028stab091.1 OpenVZ Project OpenVZ 028stab089.1 OpenVZ Project OpenVZ 028stab085.2 OpenVZ Project OpenVZ 028stab081.1 OpenVZ Project OpenVZ 023stab054.1 OpenVZ Project OpenVZ 023stab053.2 Linux kernel 2.6.39 rc4 Linux kernel 2.6.39 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux kernel 2.6.33 .1 Linux kernel 2.6.33 Linux kernel 2.6.32 .9 Linux kernel 2.6.32 Linux kernel 2.6.7 rc3 Linux kernel 2.6.7 rc2 Linux kernel 2.6.7 rc1 Linux kernel 2.6.7 Linux kernel 2.6.7 Linux kernel 2.6.6 rc3 Linux kernel 2.6.6 rc2 Linux kernel 2.6.6 rc1 Linux kernel 2.6.6 Linux kernel 2.6.6 Linux kernel 2.6.5 rc3 Linux kernel 2.6.5 rc2 Linux kernel 2.6.5 rc1 Linux kernel 2.6.5 Linux kernel 2.6.4 rc3 Linux kernel 2.6.4 rc2 Linux kernel 2.6.4 rc1 Linux kernel 2.6.4 Linux kernel 2.6.4 Linux kernel 2.6.39-rc6 Linux kernel 2.6.39-rc3 Linux kernel 2.6.38.6 Linux kernel 2.6.38.4 Linux kernel 2.6.38.3 
Linux kernel 2.6.38.2 Linux kernel 2.6.38-rc7 Linux kernel 2.6.38-rc4 Linux kernel 2.6.38-rc2 Linux kernel 2.6.38-git18 Linux kernel 2.6.37rc Linux kernel 2.6.37.2 Linux kernel 2.6.37-rc7 Linux kernel 2.6.37-rc2 Linux kernel 2.6.37-rc1 Linux kernel 2.6.36.2 (stable) Linux kernel 2.6.36-rc8 Linux kernel 2.6.36-rc6 Linux kernel 2.6.36-rc5 Linux kernel 2.6.36-rc4 Linux kernel 2.6.36-rc1 Linux kernel 2.6.35.5 Linux kernel 2.6.35.4 Linux kernel 2.6.35.1 Linux kernel 2.6.35-rc6 Linux kernel 2.6.35-rc5-git5 Linux kernel 2.6.35-rc5 Linux kernel 2.6.35-rc4 Linux kernel 2.6.35-rc1 Linux kernel 2.6.34.3 Linux kernel 2.6.34.2 Linux kernel 2.6.34.1 Linux kernel 2.6.34-rc6 Linux kernel 2.6.34-rc5 Linux kernel 2.6.34-rc4 Linux kernel 2.6.34-rc2-git1 Linux kernel 2.6.34-rc2 Linux kernel 2.6.34-rc1 Linux kernel 2.6.33.7 Linux kernel 2.6.33-rc8 Linux kernel 2.6.33-rc7 Linux kernel 2.6.33-rc7 Linux kernel 2.6.33-rc6-git5 Linux kernel 2.6.33-rc6 Linux kernel 2.6.33-rc5 Linux kernel 2.6.33-rc4 Linux kernel 2.6.32.8 Linux kernel 2.6.32.7 Linux kernel 2.6.32.6 Linux kernel 2.6.32.5 Linux kernel 2.6.32.4 Linux kernel 2.6.32.3 Linux kernel 2.6.32.28 Linux kernel 2.6.32.22 Linux kernel 2.6.32.2 Linux kernel 2.6.32.18 Linux kernel 2.6.32.17 Linux kernel 2.6.32.16 Linux kernel 2.6.32.15 Linux kernel 2.6.32.14 Linux kernel 2.6.32.13 Linux kernel 2.6.32.12 Linux kernel 2.6.32.11 Linux kernel 2.6.32.10 Linux kernel 2.6.32.1 Linux kernel 2.6.32-rc8 Linux kernel 2.6.32-rc7 Linux kernel 2.6.32-rc5 Linux kernel 2.6.32-rc4 Linux kernel 2.6.32-rc3 Linux kernel 2.6.32-rc2 Linux kernel 2.6.32-rc1 Avaya 96x1 IP Deskphone 6 |
| Not Vulnerable: | OpenVZ Project OpenVZ 042stab044.11 |
Discussion
The Linux kernel is prone to a remote denial-of-service vulnerability that affects the headroom check.
Attackers can exploit this issue to cause a kernel crash, denying service to legitimate users.
Exploit / POC
To exploit this issue, attackers can use readily available network utilities.
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
References
References:
- CVE Request -- kernel: wrong headroom check in udp6_ufo_fragment() (Petr Matousek)
- Download/kernel/rhel6/042stab044.11 (OpenVZ Project)
- Linux Homepage (Linux)
- ASA-2012-044: Wind River Linux kernel Security Update (WIND00319165 WIND00319166 (Avaya)