oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request -- Linux kernel: veth: double-free in case of congestion

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Apr 2013 13:22:08 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/29/2013 05:06 AM, Petr Matousek wrote:

Description of the problem: A flaw was found in the way Virtual
Ethernet driver implementation in the Linux kernel handled skbs in
case of congestion.

A remote attacker could potentially use this flaw to crash the
system.

Introduced in: 2.6.33-rc1

Fixed in: 2.6.34

Upstream fix: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867

 References: 
http://marc.info/?l=linux-netdev&m=127310770900442&w=3

Thanks,



Please use CVE-2013-2017for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRfshgAAoJEBYNRVNeJnmTRwgP/RSfX9Tvi02MIsggTFqOxrny
21CM4h0oeOCDRQPCe4aABj52Uya5nn4x02+XACbEMCkpC9b+L3ktfSZe+g8H56iw
eVYeNDY7fTNcVq/xOYpFwefiDH+6JUgBYN/Fiz5fXIAdxipvrKbEAOsWqpjETFN7
0iN0K+DQGm6b63sy0z2yzqnprjyLeMBKQNhpGyk+0Dy7ggYIMyli9GDO9J52LtDg
8Wc4dpxLVPOuArtwQjG7tVaw+E4irBE6z8hnZ1/mGwLRGQI3sFTaFk2HnCV7E4fA
jeAkP+W3pBQnbgcqtqH5412Md5KUPBk2zYUpy973NtUWCvd0pnBhOQGB7qLYhEBX
8QFK7hv8d9+vC47WZrliMDHJV2cMisN142qxkgXuIm7rmM7+lc6l6HfZHKvqoE1n
5kLTejvHVYcyEzt61vYZAAXAYEsaTEya+Jw2fQL21guobEX82hg219XhrK1RwU3/
7rT2ah0TTDZTy3WE7Qf6zu9zufvZHTboI8+iEOSaZaR0wUYsJCT82oEE0abGu1V+
vu4bJ374KO+a36pIPVPncgysTPMHoj/vyuJu7sRPjwoOhwFMXJUJ/AlkHXD2uy/W
R7MO4RtyBcJuVdSZxE3pMoawSUxwtl2261TqR0wfzY1PnLGhdcazVdGNX98l9fkX
DFrZqBasDaHQeKnuvJ+n
=IVmh
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: