CVE-2011-4326

The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

From the Ubuntu Security Team

A bug was found in the way headroom check was performed in udp6_ufo_fragment() function. A remote attacker could use this flaw to crash the system.

• How can I get the fixes?
• What do statuses mean?
• Patch details

References

• MITRE
• NVD
• Launchpad
• Debian

Related Ubuntu Security Notices (USN)

• USN-1292-1
• Linux kernel (Maverick backport) vulnerabilities
• 8 December 2011
• USN-1294-1
• Linux kernel (Oneiric backport) vulnerabilities
• 8 December 2011
• USN-1302-1
• Linux kernel (OMAP4) vulnerabilities
• 13 December 2011
• USN-1299-1
• Linux kernel (EC2) vulnerabilities
• 13 December 2011
• USN-1303-1
• Linux kernel (Marvell DOVE) vulnerabilities
• 13 December 2011
• USN-1293-1
• Linux kernel vulnerabilities
• 8 December 2011
• USN-1311-1
• Linux kernel vulnerabilities
• 19 December 2011
• USN-1304-1
• Linux kernel (OMAP4) vulnerabilities
• 13 December 2011
• USN-1256-1
• Linux kernel (Natty backport) vulnerabilities
• 9 November 2011
• USN-1193-1
• Linux kernel vulnerabilities
• 19 August 2011

Other references

• http://www.openwall.com/lists/oss-security/2011/11/21/9
• http://article.gmane.org/gmane.linux.network/192959
• https://www.cve.org/CVERecord?id=CVE-2011-4326