Bug 736425 (CVE-2011-3347) - CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS
Summary: CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-3347
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20111020,repor...
Depends On: 730239 736428 736429 736430 748438 748691 761364
Blocks: 733264
TreeView+ depends on / blocked
 
Reported: 2011-09-07 16:36 UTC by Petr Matousek
Modified: 2019-06-08 18:54 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-05-10 13:08:23 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1386 normal SHIPPED_LIVE Important: kernel security, bug fix, and enhancement update 2011-10-20 17:28:15 UTC
Red Hat Product Errata RHSA-2011:1408 normal SHIPPED_LIVE Moderate: rhev-hypervisor security update 2011-10-26 15:32:36 UTC
Red Hat Product Errata RHSA-2011:1530 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update 2011-12-06 01:45:35 UTC
Red Hat Product Errata RHSA-2012:0116 normal SHIPPED_LIVE Moderate: kernel security and bug fix update 2012-02-15 05:42:54 UTC

Description Petr Matousek 2011-09-07 16:36:19 UTC
When interface is put in promiscuous mode and it receives VLAN packets, but no VLANS are configured on that interface , then the kernel crashes in the 8021q module.

Acknowledgements:

Red Hat would like to thank Somnath Kotur for reporting this issue.

Comment 5 errata-xmlrpc 2011-10-20 17:29:22 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:1386 https://rhn.redhat.com/errata/RHSA-2011-1386.html

Comment 7 Petr Matousek 2011-10-24 13:04:27 UTC
Statement:

This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1386.html. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for ServerEngines' 10Gbps network adapter - BladeEngine. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-1530.html. A future kernel update in Red Hat Enterprise MRG may address this issue.

Comment 8 Eugene Teo (Security Response) 2011-10-25 04:06:56 UTC
Created kernel tracking bugs for this issue

Affects: fedora-all [bug 748691]

Comment 10 errata-xmlrpc 2011-10-26 15:32:57 UTC
This issue has been addressed in following products:

  RHEV-H, V2V and Agents for RHEL-5

Via RHSA-2011:1408 https://rhn.redhat.com/errata/RHSA-2011-1408.html

Comment 12 errata-xmlrpc 2011-12-06 14:28:23 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:1530 https://rhn.redhat.com/errata/RHSA-2011-1530.html

Comment 14 errata-xmlrpc 2012-02-15 00:43:25 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6.1 EUS - Server Only

Via RHSA-2012:0116 https://rhn.redhat.com/errata/RHSA-2012-0116.html


Note You need to log in before you can comment on or make changes to this bug.