FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Kernel

 
 
LinkBack Thread Tools
 
Old 11-12-2010, 01:26 PM
Julien Cristau
 
Default Bug#603158: CVE request: kernel: possible kernel oops from user MSS

retitle 603158 CVE-2010-4165: possible kernel oops from user MSS
kthxbye

fyi, CVE assigned

Cheers,
Julien

----- Forwarded message from Josh Bressers <bressers@redhat.com> -----

From: Josh Bressers <bressers@redhat.com>
Reply-To: oss-security@lists.openwall.com
Date: Fri, 12 Nov 2010 08:19:57 -0500 (EST)
To: oss-security@lists.openwall.com
Cc: "Steven M. Christey" <coley@linus.mitre.org>
Subject: Re: [oss-security] CVE request: kernel: possible kernel oops from
user MSS
Message-ID: <1301976200.802341289567997556.JavaMail.root@zmail 01.collab.prod.int.phx2.redhat.com>


----- "Eugene Teo" <eugene@redhat.com> wrote:

> With commit f5fff5dc8a7a3f395b0525c02ba92c95d42b7390, a user program
> can pass in TCP_MAXSEG of 12 (or TCPOLEN_TSTAMP_ALIGNED), and cause
> kernel oops with division by 0 in tcp_select_initial_window.
>
> Proposed patch:
> http://www.spinics.net/lists/netdev/msg146495.html
>
> Reference:
> http://www.spinics.net/lists/netdev/msg146405.html


Please use CVE-2010-4165.

Thanks.

--
JB


----- End forwarded message -----
 

Thread Tools




All times are GMT. The time now is 08:02 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org