{
  "threat_severity" : "Moderate",
  "public_date" : "2010-12-02T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: deficiency in processing igmp host membership reports in br_multicast",
    "id" : "678169",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=678169"
  },
  "cvss" : {
    "cvss_base_score" : "4.7",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "details" : [ "The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface." ],
  "statement" : "This issue did not affect the versions of the Linux kernel as shipped with Red\nHat Enterprise Linux 4, 5, and Red Hat Enterprise MRG as they did not include\nsupport for the bridge snooping functionality. A future update in Red Hat\nEnterprise Linux 6 may address this flaw.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-04-08T00:00:00Z",
    "advisory" : "RHSA-2011:0421",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-71.24.1.el6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-0716\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0716" ],
  "name" : "CVE-2011-0716",
  "csaw" : false
}