Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Linux kernel, denial of service via bonding

April 2011 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY An attacker can send network packets to an interface using a "bonding", in order to stop the system.

- Severity: 1/4
- Creation date: 13/04/2011

IMPACTED PRODUCTS

- Linux kernel

DESCRIPTION OF THE VULNERABILITY

The "bonding" feature is used to group several network devices (such as eth1 and eth2) in a same interface (bond0).

By default, the bonded interface has 16 queues. However, if a network device has more than 16 queues, an attacker can send several packets, in order to force the usage of more than 16 queues, which creates an integer overflow in the bond_select_queue() function of the drivers/net/bonding/bond_main.c file.

An attacker can therefore send network packets to an interface using a "bonding", in order to stop the system.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/L...




See previous articles

    

See next articles