oss-sec mailing list archives

CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast

From: Petr Matousek <pmatouse () redhat com>
Date: Wed, 16 Feb 2011 19:09:32 -0500 (EST)

"It was found that executing bridge snooping code triggered by host
originated IGMP packets could cause corruption in 512-byte slabs,
most commonly leading to crashes in jbd2. This could be possibly
exploited by local unprivileged user to crash the host (DoS)."

References:
https://bugzilla.redhat.com/show_bug.cgi?id=678169
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6b0d6a9b4296fa16a28d10d416db7a770fc03287

Thanks,
--
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast Petr Matousek (Feb 16)
- Re: CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast Eugene Teo (Feb 16)