Insufficient Input Validation in Linux Kernel's bnx2x Network Card Driver: DoS via Specially Crafted Packet

Insufficient Input Validation in Linux Kernel's bnx2x Network Card Driver: DoS via Specially Crafted Packet

CVE-2018-1000026 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..

Learn more about our Network Penetration Testing.