CVE-2011-1478 : The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel be

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.

Published 2011-10-23 10:55:03

Updated 2023-02-13 04:29:50

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Threat overview for CVE-2011-1478

Top countries where our scanners detected CVE-2011-1478

Top open port discovered on systems with this issue 49152

IPs affected by CVE-2011-1478 1,472

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2011-1478!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2011-1478

Probability of exploitation activity in the next 30 days: 0.69%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 78 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-1478

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.7	MEDIUM	AV:A/AC:M/Au:N/C:N/I:N/A:C	5.5	6.9	NIST
Access Vector: Adjacent Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2011-1478

CWE-476 NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-1478

http://openwall.com/lists/oss-security/2011/03/28/1

oss-security - CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse
Mailing List;Third Party Advisory
http://securityreason.com/securityalert/8480

VMware ESXi and ESX updates to third party libraries and ESX Service Console - CXSecurity.com
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38

Broken Link
http://www.securityfocus.com/archive/1/520102/100/0/threaded

SecurityFocus
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.vmware.com/security/advisories/VMSA-2011-0012.html

VMSA-2011-0012.3
Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=691270

691270 – (CVE-2011-1478) CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse
Issue Tracking;Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a

Products affected by CVE-2011-1478