Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.35-rc1
Unaffected system:
Linux kernel 2.6.35-rc4
Description:
--------------------------------------------------------------------------------
Bugtraq id: 41432
Cve id: CVE-2011-0709
Linux Kernel is the Kernel used by open source Linux.
Linux Kernel's "br_multicast.c" has a Denial-of-Service vulnerability. Attackers can exploit this vulnerability to cause a Kernel crash and DoS attacks to legitimate users.
The vulnerability is caused by a null pointer reference in the kernel when the KVM tree is tested.
<* Source: Frank Arnold
Link: http://www.spinics.net/lists/netdev/msg134414.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/