DescriptionThe br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
Note from the SUSE Security TeamThis issue was introduced after Linux kernel 2.6.33 and fixed in Linux kernel 2.6.38. Only openSUSE 11.4 would have been affected, but it had a fix already. No SUSE Linux Enterprise product carried the affected code. SUSE Bugzilla entry: 768321 [RESOLVED / FIXED] No SUSE Security Announcements cross referenced.
SUSE Timeline for this CVECVE page created: Fri Jun 28 04:27:29 2013
CVE page last modified: Fri Oct 7 12:46:03 2022