APPLIED: [CVE-2011-2723] gro: Only reset frag0 when skb can be pulled

Tim Gardner tim.gardner at
Tue Sep 13 18:23:57 UTC 2011

On 09/13/2011 10:48 AM, Andy Whitcroft wrote:
> CVE-2011-2723
>
> 	The skb_gro_header_slow function in include/linux/netdevice.h in
> 	the Linux kernel before, when Generic Receive Offload
> 	(GRO) is enabled, resets certain fields in incorrect situations,
> 	which allows remote attackers to cause a denial of service
> 	(system crash) via crafted network traffic.
>
> This problem was introduced between hardy and lucid.  Fixes for
> lucid/master, oneiric, and oneiric/ti-omap4 have come down via stable
> and mainline.  Following this email is a patch which applies to
> lucid/fsl-imx51, maverick, maverick/ti-omap4, natty, and natty/ti-omap4.
> This is a clean cherry-pick from mainline.
>
> Proposing for lucid/fsl-imx51, maverick, maverick/ti-omap4, natty,
> natty/ti-omap4.
>
> -apw

Tim Gardner tim.gardner at
