oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request: kernel: inet_diag: fix inet_diag_bc_audit()

From: Eugene Teo <eugene () redhat com>
Date: Mon, 20 Jun 2011 09:50:45 +0800
[PATCH] inet_diag: fix inet_diag_bc_audit()

A malicious user or buggy application can inject code and trigger an
infinite loop in inet_diag_bc_audit()

Also make sure each instruction is aligned on 4 bytes boundary, to avoid
unaligned accesses.

Reported-by: Dan Rosenberg <drosenberg () vsecurity com>

http://thread.gmane.org/gmane.linux.network/197206/focus=197386
http://patchwork.ozlabs.org/patch/100857/
https://bugzilla.redhat.com/show_bug.cgi?id=714536

Thanks, Eugene
Previous By Date Next
Previous By Thread Next

Current thread: