Bypassing Packet Filters via Small Packets in Netfilter MAC Module

Bypassing Packet Filters via Small Packets in Netfilter MAC Module

CVE-2001-1572 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.