Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu Kernel Team (http://www.linux-archive.org/ubuntu-kernel-team/)
-   -   APPLIED: dccp: fix oops on Reset after close (http://www.linux-archive.org/ubuntu-kernel-team/555365-applied-dccp-fix-oops-reset-after-close.html)

Tim Gardner 07-21-2011 08:20 PM

APPLIED: dccp: fix oops on Reset after close
 
On 07/21/2011 06:59 AM, Andy Whitcroft wrote:

CVE-2011-1093
The dccp_rcv_state_process function in net/dccp/input.c in the
Datagram Congestion Control Protocol (DCCP) implementation in
the Linux kernel before 2.6.38 does not properly handle packets
for a CLOSED endpoint, which allows remote attackers to cause a
denial of service (NULL pointer dereference and OOPS) by sending
a DCCP-Close packet followed by a DCCP-Reset packet.

The fix for this has hit lucid and later via mainline and stable.
Following this are two patches, the first for hardy, the second for
lucid/fsl-imx51 and maverick/ti-omap4. I all cases they are a simple
cherry-pick from the mainline commit as applied to the existing branches;
hardy differs in context only.

Proposing for hardy, lucid/fsl-imx51 and maverick/ti-omap4.

-apw




--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team


All times are GMT. The time now is 07:52 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.