The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame.
http://openwall.com/lists/oss-security/2010/12/06/3
http://openwall.com/lists/oss-security/2010/12/06/9
http://secunia.com/advisories/42884
http://secunia.com/advisories/42890
http://secunia.com/advisories/46397
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://www.redhat.com/support/errata/RHSA-2011-0017.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/45208
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
OR
OR
cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
89680 | VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check) | Nessus | Misc. | high |
68177 | Oracle Linux 6 : kernel (ELSA-2011-0007) | Nessus | Oracle Linux Local Security Checks | high |
56508 | VMSA-2011-0012 : VMware ESXi and ESX updates to third-party libraries and ESX Service Console | Nessus | VMware ESX Local Security Checks | high |
55589 | Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1159-1) | Nessus | Ubuntu Local Security Checks | high |
55521 | Ubuntu 10.04 LTS : linux-mvl-dove vulnerabilities (USN-1162-1) | Nessus | Ubuntu Local Security Checks | high |
55104 | Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1) | Nessus | Ubuntu Local Security Checks | high |
51522 | RHEL 5 : kernel (RHSA-2011:0017) | Nessus | Red Hat Local Security Checks | medium |
51500 | RHEL 6 : kernel (RHSA-2011:0007) | Nessus | Red Hat Local Security Checks | high |