oss-sec mailing list archives
Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service
From: Hannes Frederic Sowa <hannes () stressinduktion org>
Date: Mon, 14 Dec 2015 22:34:49 +0100
On 11.12.2015 17:41, cve-assign () mitre org wrote:
net/ipv4/af_inet.c inet_autobindif (sk->sk_prot->get_port(sk, 0)) {if the sk->sk_prot->get_port is NULL[ an unanticipated condition ]Solution: if (sk->sk_prot->get_port &&sk->sk_prot->get_port(sk, 0)) {From: Hannes Frederic Sowa <hannes () stressinduktion org> Date: Wed, 9 Dec 2015 15:31:32 +0100I fear your solution just papers over the bug and will leave the port in a half initialized state.Use CVE-2015-8543 for the originally identified bug. We realize that, for example, http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/net/ipv4/af_inet.c has not yet been changed. If Linux kernel developers determine that multiple independent bugs result in situations where sk->sk_prot->get_port is NULL above, then it is possible that additional CVE IDs will be assigned later.
The following patch fixes this issue: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9 It is queued up for -stable. Thanks, Hannes
Current thread:
- CVE request - Android kernel - IPv6 connect cause a denial of service 郭永刚 (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service Robert Święcki (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service cve-assign (Dec 11)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 11)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 14)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Robert Święcki (Dec 14)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 14)