oss-sec mailing list archives
Re: CVE request: kernel: dccp: fix oops on Reset after close
From: Josh Bressers <bressers () redhat com>
Date: Tue, 8 Mar 2011 15:50:04 -0500 (EST)
Please use CVE-2011-1093 Thanks. -- JB ----- Original Message -----
https://bugzilla.redhat.com/682954 http://git.kernel.org/linus/720dc34bbbe9493c7bd48b2243058b4e447a929d "This fixes a bug in the order of dccp_rcv_state_process() that still permitted reception even after closing the socket. A Reset after close thus causes a NULL pointer dereference by not preventing operations on an already torn-down socket." Thanks, Eugene -- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Current thread:
- CVE request: kernel: dccp: fix oops on Reset after close Eugene Teo (Mar 07)
- Re: CVE request: kernel: dccp: fix oops on Reset after close Josh Bressers (Mar 08)