CVE-2011-3347 — Redhat Enterprise Linux vulnerability

9 documents6 sources

Severity

4.6MEDIUMNVD

EPSS

0.5%

top 32.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Redhat Enterprise Linux

Timeline

PublishedJun 8

Latest updateMay 14

Description

A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when promiscuous mode is enabled, allows remote attackers to cause a denial of service (system crash) via non-member VLAN packets.

CVSS vector

AV:A/AC:H/C:N/I:N/A:CExploitability: 3.2 | Impact: 6.9

Affected Packages1 packages

▶Ubuntulinux/linux_kernel< 3.11.0-12.19+1

Also affects: Enterprise Linux 6.0

🔴Vulnerability Details

GHSA

GHSA-hf88-fvh2-2xgw: A certain Red Hat patch to the be2net implementation in the kernel package before 2↗2022-05-14

▶

OSV

CVE-2011-3347: A certain Red Hat patch to the be2net implementation in the kernel package before 2↗2011-10-21

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerability↗2012-03-29

▶

Ubuntu

Linux kernel (OMAP4) vulnerability↗2012-03-27

▶

Ubuntu

Linux kernel (Oneiric backport) vulnerabilities↗2012-03-27

▶

Red Hat

kernel: be2net: promiscuous mode and non-member VLAN packets DoS↗2011-10-20

▶

💬Community

Bugzilla

CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS [fedora-all]↗2011-10-25

▶

Bugzilla

CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS↗2011-09-07

▶