APPLIED: [CVE-2011-4087] Multiple remote denial of service in Linux bridge

Andy Whitcroft apw at
Wed Nov 23 10:45:53 UTC 2011

On Tue, Nov 22, 2011 at 02:09:57PM -0700, Tim Gardner wrote:
> On 11/22/2011 01:58 PM, Tim Gardner wrote:
> >On 11/21/2011 05:14 AM, Andy Whitcroft wrote:
> >>CVE-2011-4087
> >>Scot Doyle discovered that the bridge networking interface
> >>incorrectly handled certain network packets. A remote attacker
> >>could exploit this to crash the system, leading to a denial
> >>of service.
> >>
> >>Fixes for this issue have hit natty and later via mainline and stable.
> >>Releases prior to natty are not affected. Following this email is the
> >>one remaining patch required for natty/ti-omap4, this is a direct
> >>cherry-pick of the upstream backport on natty/master.
> >>
> >>Proposing for natty/ti-omap4.
> >>
> >>-apw
> >>
> >
> >
> Drat - as soon as I pushed I noticed there is no bug number in your
> patch, so I inserted the bug number from the commit on master
> (214c889ef231aa3b3c29a8cbda6783ddfc064b47) and repushed, but then
> noticed 793702 is a stable update bug. LP keeps timing out when I
> search for CVE-2011-4087, so perhaps you could attempt to fix this
> commit at your earliest convenience.

Bug numbers were unavailable at the time I did the port, scripting
failure in security.  I then missed them being missing when reviewing
for send.  BugLink: added, branch updated:


More information about the kernel-team mailing list