DescriptionThe bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
|Access Vector||Adjacent Network|
Note from the SUSE Security TeamThis problem affected only openSUSE 11.4 and was fixed there. Older version and SUSE Linux Enterprise products are not affected. SUSE Bugzilla entry: 687116 [RESOLVED / FIXED] SUSE Security Advisories:
- SUSE-SA:2011:021, published Fri, 29 Apr 2011 16:00:00 +0000
- openSUSE-SU-2011:0416-1, published Fri, 29 Apr 2011 17:08:14 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 11.4|| |
|openSUSE 11.4|| ||Patchnames:
|openSUSE Leap 42.1|| ||Patchnames:
openSUSE Leap 42.1 GA kernel-default
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA kernel-debug