oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE requests - kernel network vulns

From: Josh Bressers <bressers () redhat com>
Date: Thu, 5 May 2011 15:44:16 -0400 (EDT)
----- Original Message -----

On 02/18/2010 01:12 PM, Eugene Teo wrote:

1) gre: fix netns vs proto registration ordering
http://patchwork.ozlabs.org/patch/45553/

"GRE protocol receive hook can be called right after protocol addition
is done. If netns stuff is not yet initialized, we're going to oops in
net_generic().

This is remotely oopsable if ip_gre is compiled as module and packet
comes at unfortunate moment of module loading."


Use CVE-2011-1767



2) tunnels: fix netns vs proto registration ordering
http://patchwork.ozlabs.org/patch/45554/

"Same stuff as in ip_gre patch: receive hook can be called before netns
setup is done, oopsing in net_generic()."




Use CVE-2011-1768

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: