Denial of Service Vulnerability in Linux Kernel's GRO Implementation

Denial of Service Vulnerability in Linux Kernel's GRO Implementation

CVE-2011-1478 · MEDIUM Severity

AV:A/AC:M/AU:N/C:N/I:N/A:C

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.