oss-sec mailing list archives
CVE request: kernel: DCCP invalid options
From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Sun, 8 May 2011 14:54:51 -0400
On a providing a bad option length for certain DCCP options, a remote host may cause parsing to read beyond the bounds of the incoming packet. This may possibly cause a DoS by reading unmapped memory (if you're unlucky), or it may allow an attacker to infer the contents of kernel heap memory based on the parser's response. -Dan [1] http://marc.info/?l=linux-kernel&m=130468845209036&w=2
Current thread:
- CVE request: kernel: DCCP invalid options Dan Rosenberg (May 08)
- Re: CVE request: kernel: DCCP invalid options Eugene Teo (May 08)