Denial of Service Vulnerability in Linux Kernel's Net Subsystem

Denial of Service Vulnerability in Linux Kernel's Net Subsystem

CVE-2011-4112 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.