CVE-2010-4263: Null Pointer Dereference

First published: Mon Dec 06 2010(Updated: )

If igb's SR-IOV and promiscuous mode are enabled and the interface receives a tag VLAN packet, this will result in a null pointer dereference. To fix this, we will backport upstream commit 31b24b95 to ensure that vlan_gro_receive is only used if vlans have been registered to the adapter structure. [ This fixes bugzilla entry 15582 -Eric Dumazet] It matters if CONFIG_PCI_IOV is enabled, e.g. grep -ir SRIOV drivers/net/igb/*. Upstream commit: <a href="http://git.kernel.org/linus/31b24b95">http://git.kernel.org/linus/31b24b95</a> References: <a href="https://bugzilla.kernel.org/show_bug.cgi?id=15582">https://bugzilla.kernel.org/show_bug.cgi?id=15582</a>

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Linux kernel	<2.6.34
VMware ESX	=3.5-update2
VMware ESXi	=4.1
VMware ESXi	=4.0-1
VMware ESXi	=3.5
VMware ESXi	=4.0
VMware ESX	=4.1
VMware ESXi	=4.0-3
VMware ESX	=3.5-update1
VMware ESXi	=5.0-1
VMware ESXi	=5.0
VMware ESXi	=4.1-2
VMware ESXi	=3.5-1
VMware ESX	=3.5
VMware ESXi	=4.1-1
VMware ESX	=3.5-update3
VMware ESXi	=5.0-2
VMware ESX	=4.0
VMware ESXi	=4.0-4
VMware ESXi	=4.0-2
VMware ESX	=3.0.0
VMware ESX	=3.0.2
VMware ESX	=3.0.1
VMware ESX	=3.0.3
debian/linux-2.6

CVE-2010-4263: Null Pointer Dereference

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact