oss-sec mailing list archives

Re: CVE Request -- kernel: wrong headroom check in udp6_ufo_fragment()


From: Kurt Seifried <kurt () seifried org>
Date: Mon, 21 Nov 2011 09:07:49 -0700

On Mon, Nov 21, 2011 at 8:54 AM, Petr Matousek <pmatouse () redhat com> wrote:
> "A bug was found in the way headroom check was performed in
> udp6_ufo_fragment() function. A remote attacker could use this flaw to
> crash the system."
>
> Details:
> http://bugzilla.redhat.com/show_bug.cgi?id=755584#c1
>
> Upstream commit:
> a9cf73ea7ff78f52662c8658d93c226effbbedde
>
> References:
> http://bugzilla.redhat.com/show_bug.cgi?id=755584
> http://bugzilla.redhat.com/show_bug.cgi?id=682066
>
> Thanks,
> --
> Petr Matousek / Red Hat Security Response Team


Sorry having some laptop/email issues. Please use CVE-2011-4326 for this issue.

-- 
Kurt Seifried
kurt () seifried org

