Linux Archive

Linux Archive (
-   Ubuntu Kernel Team (
-   -   APPLIED: CVE-2010-4251 v2 (

Tim Gardner 07-12-2011 05:56 PM

APPLIED: CVE-2010-4251 v2
On 07/12/2011 09:51 AM, Paolo Pisati wrote:

On 07/12/2011 11:01 AM, Stefan Bader wrote:

On 11.07.2011 18:14, Tim Gardner wrote:

On 07/11/2011 10:03 AM, Paolo Pisati wrote:

On 07/11/2011 05:23 PM, Tim Gardner wrote:

While researching these patches I stumbled across some further analysis
of this vulnerability by Eugene Teo at in which he
includes a 2.6.35 patch from Eric Duzamet which really, really fixes the

you mean c377411f24 ("net: sk_add_backlog() take rmem_alloc into
account")? saw that, and is handled in another CVE in our db
(CVE-2010-4805), so i wanted to issue a subsequent pull.

Since both CVEs address the same issue, I wonder if we shouldn't just fix them
in the same patch set. Perhaps mark CVE-2010-4251 as a duplicate of CVE-2010-4805 ?


If it really is the same patch fixing both, it would be possible to have both
cves referenced there. As it sounds like they got another cve number for fixing
the fix it sounds more like a matter of submission.
It should work if Paolo marked the respective patches with the matching cve but
submitted them as one review. And anything prerequisite gets the cve number of
whatever was the first that needed it to apply...

let's do it in a single pull, shall we?

The following changes since commit 24292e1c2aa8faa18b39e090a5c41cc51626e069:

Linux (2011-07-08 06:51:06 -0600)

are available in the git repository at:
git:// master-next

Eric Dumazet (4):
ipv6: udp: Optimise multicast reception
ipv4: udp: Optimise multicast reception
udp: multicast RX should increment SNMP/sk_drops counter in
allocation failures CVE-2010-4251
net: sk_add_backlog() take rmem_alloc into account CVE-2010-4805

Zhu Yi (8):
net: add limit for socket backlog CVE-2010-4251
tcp: use limited socket backlog CVE-2010-4251
udp: use limited socket backlog CVE-2010-4251
llc: use limited socket backlog CVE-2010-4251
sctp: use limited socket backlog CVE-2010-4251
tipc: use limited socket backlog CVE-2010-4251
x25: use limited socket backlog CVE-2010-4251
net: backlog functions rename CVE-2010-4251

include/net/sock.h | 26 +++++++++++-
net/core/sock.c | 19 ++++++++-
net/dccp/minisocks.c | 2 +-
net/ipv4/tcp_ipv4.c | 6 ++-
net/ipv4/tcp_minisocks.c | 2 +-
net/ipv4/udp.c | 96
net/ipv6/tcp_ipv6.c | 6 ++-
net/ipv6/udp.c | 97
net/llc/llc_c_ac.c | 2 +-
net/llc/llc_conn.c | 3 +-
net/sctp/input.c | 42 +++++++++++++-------
net/tipc/socket.c | 6 ++-
net/x25/x25_dev.c | 2 +-
13 files changed, 225 insertions(+), 84 deletions(-)

Same as the previous patch series, plus the 2010-4805 patch.

Tim Gardner

kernel-team mailing list

All times are GMT. The time now is 12:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.