oss-sec mailing list archives
Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size
From: Willy Tarreau <w () 1wt eu>
Date: Wed, 8 Apr 2009 10:04:47 +0200
Hi Eugene, On Wed, Apr 08, 2009 at 03:58:55PM +0800, Eugene Teo wrote:
{nr,rose,x25}_sendmsg() functions need to have sanity checks on the
packet size, otherwise the sizes can wrap and end up sending garbage.
http://bugzilla.kernel.org/show_bug.cgi?id=10423
http://git.kernel.org/linus/83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1265
This affects both 2.4.x and 2.6.x if CONFIG_{NETROM,ROSE,X25} are enabled.
I already have it in my queue, just did not have time to merge it yet. Thanks for the reminder anyway, I really appreciate it ;-) Willy
Current thread:
- CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Eugene Teo (Apr 08)
- Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Willy Tarreau (Apr 08)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Eugene Teo (Apr 22)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Willy Tarreau (Apr 23)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Willy Tarreau (Jun 07)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Marcus Meissner (Apr 23)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Eugene Teo (Apr 23)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Marcus Meissner (Apr 23)
- Re: Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Eugene Teo (Apr 22)
- Re: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size Willy Tarreau (Apr 08)