CVE-2011-1581 at MITRE
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
CVSS v2 Scores
| ||National Vulnerability Database|
|Base Score ||4.58|
|Access Vector ||Adjacent Network|
|Access Complexity ||High|
|Confidentiality Impact ||None|
|Integrity Impact ||None|
|Availability Impact ||Complete|
Note from the SUSE Security Team
This problem affected only openSUSE 11.4 and was fixed there. Older version and SUSE Linux Enterprise products are not affected.
SUSE Bugzilla entry: 687116
[RESOLVED / FIXED]
SUSE Security Advisories:
List of released packages