Vigil@nce - Linux kernel: denial of service via GRO
December 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send malicious GRO packets to the Linux kernel, in
order to trigger a denial of service.
Impacted products: Blue Coat CAS, Linux, openSUSE Leap, RHEL,
Ubuntu.
Severity: 2/4.
Creation date: 11/10/2016.
DESCRIPTION OF THE VULNERABILITY
The Linux kernel can be configured with CONFIG_VLAN_8021Q or
CONFIG_VXLAN, with the support of Transparent Ethernet Bridging
(TEB) GRO.
However, when malicious GRO packets are received, an infinite
recursion error occurs.
An attacker can therefore send malicious GRO packets to the Linux
kernel, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-GRO-20813