oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference

From: Petr Matousek <pmatouse () redhat com>
Date: Wed, 20 Feb 2013 01:41:09 +0100
The skb argument to cipso_v4_validate() is NULL when called via the
setsockopt() syscall. An local user able to set CIPSO IP options on the
socket could use this flaw to crash the system.

Upstream fix:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=89d7ae34cdda4195809a5a987f697a517a2a3177

References:
https://bugzilla.redhat.com/show_bug.cgi?id=912900

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: