oss-sec mailing list archives
Re: CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 23 Jul 2013 13:52:59 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/23/2013 01:36 PM, P J P wrote:
Hi, Linux kernel built with the IPv6 networking support is vulnerable to a crash while appending data to an IPv6 socket with UDP_CORKED option set. UDP_CORK enables accumulating data and sending it as single datagram. An unprivileged user/program could use this flaw to crash the kernel, resulting in local DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/75a493e60ac4bbe2e977e7129d6d8cbb0dd236be Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=987633 Acknowledgements: ----------------- Red Hat would like to thank Hannes Frederic Sowa for reporting this issue. Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Please use CVE-2013-4163 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJR7t8bAAoJEBYNRVNeJnmTFv4QAJOWescZj0nhdpKxBAKxmpup /23aw/8sY4wZ/L7lOakx5PaF3Ia15ZAknTjNqzio0UvjyDONZFOOZXdEde3IuS3J WJ5OiyisccJrGEuKTEa/rhwr1zAS/R/7QwSMZIDMHpgQGustSFpQKCH2TCCdiPFu Fm6hINLG0GBotCzmOOd10bJBFDMMHzCLc2lbHM8/cJXcbXR60D8G1WO6jWhD7hg8 HYF9/64A44wmJG+13Pq4GUj4yCAFyVUrUMdRIjDNmAa4Y0x52/P83vY+Xer5nwt0 ZivlPqD0/NqqlfIf+bPAU6t0v/7ZIPBxVbdh7rJTSF5PY/zVnLGzFi9BiQxnufkc F874zW0hPXZ0QwHr2MFNdKHizgibepOi5NAScPULXvnkmUNSElqiWK98uiH/WX1z bANKu4tOh7+FnWBugi7gPBwz5j7+8uk4XVj+2kaKnHO2WlJBuxxSjGvAZuPcaowb C3rM3n9eL8Ye2O/bSV0eYV0583CB3x/xXy8WHwUt6yMqjsUZP1lTnXbRYAdt10U4 v+hstzsX9MhZV9eb17/ilBIh/8y/GjJOCijZ/C7WkeDYrgF6djHpbVT/ClRVhaLg lcED9/fp4JmgnRdRLuaRd++bBYA1NuIuhzXrish8ILRa4cIuXongwgx5fQadACaA sWbHTXj762d+jjSG75GP =6ulD -----END PGP SIGNATURE-----
Current thread:
- CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu P J P (Jul 23)
- Re: CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu Seth Arnold (Jul 23)
- Re: CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu Kurt Seifried (Jul 23)