oss-sec mailing list archives

CVE Request: Multiple remote denial of service in Linux bridge networking code 2.6.37-3.0


From: Marcus Meissner <meissner () suse de>
Date: Fri, 28 Oct 2011 10:06:42 +0200

Hi,

Linux kernel 2.6.37 introduced with this commit
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=462fb2af9788a82a534f8184abfde31574e1cfa0
several regressions that can be used to trigger remote denial of service attacks when
bridging is in use.

Reporter thread is on:
        http://thread.gmane.org/gmane.linux.network/191713

Fixes are in git commits:
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=f8e9881c2aef1e982e5abc25c046820cd0b7cf64
                In 2.6.39
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=66944e1c5797562cebe2d1857d46dff60bf9a69e
                In 2.6.39
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=c65353daf137dd41f3ede3baf62d561fca076228
                In 3.0
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=10949550bd1e50cc91c0f5085f7080a44b0871fe
                In 3.0
So it can be considered fixed with Linux kernel 3.0.
Thanks to Eugene for looking up the commit ids.

I think it just needs one CVE, as it was one introducing patch.

Ciao, Marcus

