oss-sec mailing list archives
Re: CVE request: kernel: DCCP invalid options
From: Eugene Teo <eugene () redhat com>
Date: Mon, 09 May 2011 09:59:38 +0800
On 05/09/2011 02:54 AM, Dan Rosenberg wrote:
On a providing a bad option length for certain DCCP options, a remote host may cause parsing to read beyond the bounds of the incoming packet. This may possibly cause a DoS by reading unmapped memory (if you're unlucky), or it may allow an attacker to infer the contents of kernel heap memory based on the parser's response. -Dan [1] http://marc.info/?l=linux-kernel&m=130468845209036&w=2
Use CVE-2011-1770. https://bugzilla.redhat.com/CVE-2011-1770 Thanks, Eugene
Current thread:
- CVE request: kernel: DCCP invalid options Dan Rosenberg (May 08)
- Re: CVE request: kernel: DCCP invalid options Eugene Teo (May 08)