oss-sec mailing list archives
Re: CVE request: kernel: possible kernel oops from user MSS
From: Josh Bressers <bressers () redhat com>
Date: Fri, 12 Nov 2010 08:19:57 -0500 (EST)
----- "Eugene Teo" <eugene () redhat com> wrote:
With commit f5fff5dc8a7a3f395b0525c02ba92c95d42b7390, a user program can pass in TCP_MAXSEG of 12 (or TCPOLEN_TSTAMP_ALIGNED), and cause kernel oops with division by 0 in tcp_select_initial_window. Proposed patch: http://www.spinics.net/lists/netdev/msg146495.html Reference: http://www.spinics.net/lists/netdev/msg146405.html
Please use CVE-2010-4165.
Thanks.
--
JB
Current thread:
- CVE request: kernel: possible kernel oops from user MSS Eugene Teo (Nov 11)
- Re: CVE request: kernel: possible kernel oops from user MSS Josh Bressers (Nov 12)