oss-sec mailing list archives
CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference
From: Petr Matousek <pmatouse () redhat com>
Date: Wed, 20 Feb 2013 01:41:09 +0100
The skb argument to cipso_v4_validate() is NULL when called via the setsockopt() syscall. An local user able to set CIPSO IP options on the socket could use this flaw to crash the system. Upstream fix: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=89d7ae34cdda4195809a5a987f697a517a2a3177 References: https://bugzilla.redhat.com/show_bug.cgi?id=912900 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference Petr Matousek (Feb 19)
- Re: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference Kurt Seifried (Feb 19)