oss-sec mailing list archives
Re: Linux kernel: fixed bug in net/core/flow_dissector.c
From: Seth Arnold <seth.arnold () canonical com>
Date: Thu, 24 Aug 2017 11:03:14 -0700
On Thu, Aug 24, 2017 at 05:52:45PM +0300, Alexander Popov wrote:
I was asked to investigate a suspicious kernel crash on some Linux server. It is at least a remote DoS (and maybe RCE): Linux is crashed by receiving a single special MPLS packet. I bisected and found out that the bug was introduced in commit b3baa0fbd02a1a9d493d8cb92ae4a4491b9e9d13 And was later fixed it in commit a6e544b0a88b53114bfa5a57e21b7be7a8dfc9d0
Is it worth requesting a CVE ID for that issue?
I think it is, it's an easy way to make sure all downstream consumers are alerted to the issue. Thanks
Attachment:
signature.asc
Description:
Current thread:
- Linux kernel: fixed bug in net/core/flow_dissector.c Alexander Popov (Aug 24)
- Re: Linux kernel: fixed bug in net/core/flow_dissector.c Seth Arnold (Aug 24)
- Re: Linux kernel: fixed bug in net/core/flow_dissector.c Alexander Popov (Aug 29)
- Re: Linux kernel: fixed bug in net/core/flow_dissector.c Seth Arnold (Aug 24)