FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 07-08-2011, 02:46 AM
Tim Gardner
 
Default APPLIED: dccp: handle invalid feature options length

On 07/07/2011 04:12 PM, Andy Whitcroft wrote:

CVE-2011-1770
Integer underflow in the dccp_parse_options function
(net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows
remote attackers to cause a denial of service via a Datagram
Congestion Control Protocol (DCCP) packet with an invalid feature
options length, which triggers a buffer over-read.

This problem was introduced in v2.6.29-rc1 and therefore does not affect
hardy. The fix for this has already hit lucid, natty, and oneiric via
mainline and stable. Following this email is a patch for: lucid/fsl-imx51,
maverick, maverick/ti-omap4, and natty/ti-omap4; this is a clean
cherry-pick from the upstream commit.

Proposing for lucid/fsl-imx51, maverick, maverick/ti-omap4, and natty/ti-omap4.

-apw




--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 01:54 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org