oss-sec mailing list archives

Re: CVE request: X.25 remote DoS

From: Eugene Teo <eugene () redhat com>
Date: Thu, 04 Nov 2010 17:59:10 +0800

On 11/04/2010 06:15 AM, Dan Rosenberg wrote:

Due to bad parsing of malformed X.25 facilities, a remote attacker can
cause a kernel panic due to heap corruption (assuming both parties are
communicating using X.25).  Since the below post, the X.25 maintainer
has confirmed the issue.

Reference:
http://marc.info/?l=linux-netdev&m=128871017529408&w=2


Please use CVE-2010-3873.

Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Current thread:

CVE request: X.25 remote DoS Dan Rosenberg (Nov 03)
- Re: CVE request: X.25 remote DoS Eugene Teo (Nov 04)