oss-sec mailing list archives
Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
From: Josh Bressers <bressers () redhat com>
Date: Mon, 11 Apr 2011 16:16:33 -0400 (EDT)
Please use CVE-2011-1573 Thanks. -- JB ----- Original Message -----
When calculating the INIT/INIT-ACK chunk length, we should not only account the length of parameters, but also the parameters zero padding length, such as AUTH HMACS parameter and CHUNKS parameter. Without the parameters zero padding length we may get oops. Commit: http://git.kernel.org/linus/a8170c35e738d62e9919ce5b109cf4ed66e9 https://bugzilla.redhat.com/show_bug.cgi?id=695383 Thanks, Eugene -- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Current thread:
- CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Eugene Teo (Apr 11)
- Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Josh Bressers (Apr 11)