While researching these patches I stumbled across some further analysis
of this vulnerability by Eugene Teo at
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4251 in which he
includes a 2.6.35 patch from Eric Duzamet which really, really fixes the
you mean c377411f24 ("net: sk_add_backlog() take rmem_alloc into
account")? saw that, and is handled in another CVE in our db
(CVE-2010-4805), so i wanted to issue a subsequent pull.
Since both CVEs address the same issue, I wonder if we shouldn't just fix them
in the same patch set. Perhaps mark CVE-2010-4251 as a duplicate of CVE-2010-4805 ?
If it really is the same patch fixing both, it would be possible to have both
cves referenced there. As it sounds like they got another cve number for fixing
the fix it sounds more like a matter of submission.
It should work if Paolo marked the respective patches with the matching cve but
submitted them as one review. And anything prerequisite gets the cve number of
whatever was the first that needed it to apply...
let's do it in a single pull, shall we?
The following changes since commit 24292e1c2aa8faa18b39e090a5c41cc51626e069:
Linux 126.96.36.199+drm33.19 (2011-07-08 06:51:06 -0600)
are available in the git repository at:
Eric Dumazet (4):
ipv6: udp: Optimise multicast reception
ipv4: udp: Optimise multicast reception
udp: multicast RX should increment SNMP/sk_drops counter in
allocation failures CVE-2010-4251
net: sk_add_backlog() take rmem_alloc into account CVE-2010-4805
Zhu Yi (8):
net: add limit for socket backlog CVE-2010-4251
tcp: use limited socket backlog CVE-2010-4251
udp: use limited socket backlog CVE-2010-4251
llc: use limited socket backlog CVE-2010-4251
sctp: use limited socket backlog CVE-2010-4251
tipc: use limited socket backlog CVE-2010-4251
x25: use limited socket backlog CVE-2010-4251
net: backlog functions rename CVE-2010-4251