oss-sec mailing list archives
Re: CVE Request: Multiple remote denial of service in Linux bridge networking code 2.6.37-3.0
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 28 Oct 2011 09:23:37 -0600
On 10/28/2011 02:06 AM, Marcus Meissner wrote:
Hi,
Linux kernel 2.6.37 introduced with this commit
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=462fb2af9788a82a534f8184abfde31574e1cfa0
several regressions that can be used to trigger remote denial of service attacks when
bridging is in use.
Reporter thread is on:
http://thread.gmane.org/gmane.linux.network/191713
Fixes are in git commits:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=f8e9881c2aef1e982e5abc25c046820cd0b7cf64
In 2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=66944e1c5797562cebe2d1857d46dff60bf9a69e
In 2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=c65353daf137dd41f3ede3baf62d561fca076228
In 3.0
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=10949550bd1e50cc91c0f5085f7080a44b0871fe
In 3.0
So it can be considered fixed with Linux kernel 3.0.
Thanks to Eugene for looking up the commit ids.
I think it just needs one CVE, as it was one introducing patch.
Ciao, Marcus
Please use CVE-2011-4087 for this issue.
--
-Kurt Seifried / Red Hat Security Response Team
