oss-sec mailing list archives
Re: CVE request - kernel: bridge br_multicast NULL pointer dereference
From: Josh Bressers <bressers () redhat com>
Date: Wed, 16 Feb 2011 08:44:08 -0500 (EST)
----- Original Message -----
"Somewhere along the line the NULL check in br_mdb_ip_get went AWOL, causing crashes when we receive an IGMP packet with no multicast table allocated. This patch restores it and ensures all br_mdb_*_get functions use it." http://git.kernel.org/linus/7f285fa78d4b81b8458f05e77fb6b46245121b4e Did a quick check: net/bridge/br_multicast.c was introduced in eb1d1641 (2.6.34-rc1), the check was removed in 8ef2a9a5 (v2.6.35-rc1), and subsequently restored in 7f285fa78d (v2.6.35-rc5).
Please use CVE-2011-0709. Thanks. -- JB
Current thread:
- CVE request - kernel: bridge br_multicast NULL pointer dereference Eugene Teo (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Josh Bressers (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Moritz Muehlenhoff (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Josh Bressers (Feb 16)