oss-sec mailing list archives
Re: CVE request -- Linux kernel: veth: double-free in case of congestion
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Apr 2013 13:22:08 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/29/2013 05:06 AM, Petr Matousek wrote:
Description of the problem: A flaw was found in the way Virtual Ethernet driver implementation in the Linux kernel handled skbs in case of congestion. A remote attacker could potentially use this flaw to crash the system. Introduced in: 2.6.33-rc1 Fixed in: 2.6.34 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867 References: http://marc.info/?l=linux-netdev&m=127310770900442&w=3 Thanks,
Please use CVE-2013-2017for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRfshgAAoJEBYNRVNeJnmTRwgP/RSfX9Tvi02MIsggTFqOxrny 21CM4h0oeOCDRQPCe4aABj52Uya5nn4x02+XACbEMCkpC9b+L3ktfSZe+g8H56iw eVYeNDY7fTNcVq/xOYpFwefiDH+6JUgBYN/Fiz5fXIAdxipvrKbEAOsWqpjETFN7 0iN0K+DQGm6b63sy0z2yzqnprjyLeMBKQNhpGyk+0Dy7ggYIMyli9GDO9J52LtDg 8Wc4dpxLVPOuArtwQjG7tVaw+E4irBE6z8hnZ1/mGwLRGQI3sFTaFk2HnCV7E4fA jeAkP+W3pBQnbgcqtqH5412Md5KUPBk2zYUpy973NtUWCvd0pnBhOQGB7qLYhEBX 8QFK7hv8d9+vC47WZrliMDHJV2cMisN142qxkgXuIm7rmM7+lc6l6HfZHKvqoE1n 5kLTejvHVYcyEzt61vYZAAXAYEsaTEya+Jw2fQL21guobEX82hg219XhrK1RwU3/ 7rT2ah0TTDZTy3WE7Qf6zu9zufvZHTboI8+iEOSaZaR0wUYsJCT82oEE0abGu1V+ vu4bJ374KO+a36pIPVPncgysTPMHoj/vyuJu7sRPjwoOhwFMXJUJ/AlkHXD2uy/W R7MO4RtyBcJuVdSZxE3pMoawSUxwtl2261TqR0wfzY1PnLGhdcazVdGNX98l9fkX DFrZqBasDaHQeKnuvJ+n =IVmh -----END PGP SIGNATURE-----
Current thread:
- CVE request -- Linux kernel: veth: double-free in case of congestion Petr Matousek (Apr 29)
- Re: CVE request -- Linux kernel: veth: double-free in case of congestion Kurt Seifried (Apr 29)