APPLIED: [CVE-2011-4087] Multiple remote denial of service in Linux bridge

Tim Gardner tim.gardner at
Tue Nov 22 21:09:57 UTC 2011

On 11/22/2011 01:58 PM, Tim Gardner wrote:
> On 11/21/2011 05:14 AM, Andy Whitcroft wrote:
>> CVE-2011-4087
>> Scot Doyle discovered that the bridge networking interface
>> incorrectly handled certain network packets. A remote attacker
>> could exploit this to crash the system, leading to a denial
>> of service.
>> Fixes for this issue have hit natty and later via mainline and stable.
>> Releases prior to natty are not affected. Following this email is the
>> one remaining patch required for natty/ti-omap4, this is a direct
>> cherry-pick of the upstream backport on natty/master.
>> Proposing for natty/ti-omap4.
>> -apw

Drat - as soon as I pushed I noticed there is no bug number in your 
patch, so I inserted the bug number from the commit on master 
(214c889ef231aa3b3c29a8cbda6783ddfc064b47) and repushed, but then 
noticed 793702 is a stable update bug. LP keeps timing out when I search 
for CVE-2011-4087, so perhaps you could attempt to fix this commit at 
your earliest convenience.

Tim Gardner tim.gardner at

More information about the kernel-team mailing list