|Description||drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 18.104.22.168 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.|
|Source||CVE (at NVD; LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)|
|References||DSA-1996-1, DSA-2003-1, DSA-2005-1|
|NVD severity||high (attack range: remote)|
The information below is based on the following data on fixed versions.