oss-sec mailing list archives

Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set

From: Josh Bressers <bressers () redhat com>
Date: Mon, 11 Apr 2011 16:16:33 -0400 (EDT)

Please use CVE-2011-1573

Thanks.

-- 
    JB


----- Original Message -----

When calculating the INIT/INIT-ACK chunk length, we should not only
account the length of parameters, but also the parameters zero padding
length, such as AUTH HMACS parameter and CHUNKS parameter. Without the
parameters zero padding length we may get oops.

Commit:
http://git.kernel.org/linus/a8170c35e738d62e9919ce5b109cf4ed66e9

https://bugzilla.redhat.com/show_bug.cgi?id=695383

Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i);
}

Current thread:

CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Eugene Teo (Apr 11)
- Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Josh Bressers (Apr 11)