[CVE-2011-4087] Multiple remote denial of service in Linux bridge

Tim Gardner tim.gardner at canonical.com
Mon Nov 21 13:40:07 UTC 2011

On 11/21/2011 05:14 AM, Andy Whitcroft wrote:
> CVE-2011-4087
> 	Scot Doyle discovered that the bridge networking interface
> 	incorrectly handled certain network packets. A remote attacker
> 	could exploit this to crash the system, leading to a denial
> 	of service.
> Fixes for this issue have hit natty and later via mainline and stable.
> Releases prior to natty are not affected.  Following this email is the
> one remaining patch required for natty/ti-omap4, this is a direct
> cherry-pick of the upstream backport on natty/master.
> Proposing for natty/ti-omap4.
> -apw

Is this the right description? The patch appears to have nothing to do 
with bridge code.

Tim Gardner tim.gardner at canonical.com

More information about the kernel-team mailing list