CVE-2011-0716
Publication date 12 January 2012
Last updated 24 July 2024
Ubuntu priority
The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface.
From the Ubuntu Security Team
A flaw was found in the Linux Ethernet bridge’s handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 12.04 LTS precise |
Not affected
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Fixed 2.6.35-32.66
|
|
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
|
linux-armadaxp | 12.04 LTS precise |
Not affected
|
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
linux-ec2 | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-fsl-imx51 | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-lts-backport-maverick | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid |
Fixed 2.6.35-32.66~lucid1
|
|
8.04 LTS hardy | Not in release | |
linux-lts-backport-natty | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-lts-backport-oneiric | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-mvl-dove | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick |
Not affected
|
|
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
linux-ti-omap4 | 12.04 LTS precise |
Not affected
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Fixed 2.6.35-903.31
|
|
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-1379-1
- Linux kernel vulnerabilities
- 28 February 2012
- USN-1387-1
- Linux kernel (Maverick backport) vulnerabilities
- 6 March 2012
- USN-1394-1
- linux-ti-omap4 vulnerabilities
- 7 March 2012