oss-sec mailing list archives
Re: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 19 Feb 2013 17:44:36 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/19/2013 05:41 PM, Petr Matousek wrote:
The skb argument to cipso_v4_validate() is NULL when called via the setsockopt() syscall. An local user able to set CIPSO IP options on the socket could use this flaw to crash the system. Upstream fix: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=89d7ae34cdda4195809a5a987f697a517a2a3177 References: https://bugzilla.redhat.com/show_bug.cgi?id=912900 Thanks,
Please use CVE-2013-0310 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRJBx0AAoJEBYNRVNeJnmTiBwQAJlmqgsWghKYK01u84yZ62HL wkMK0AXgZdQnv6teM9+33P/VEArPa2oIrZj7JtvLgn8ajM7hL7z+BphJSviZsYl3 lMx/tZRah+XSAxnksDm9q7ZN7BI05tzSMIDaeoKk9x+6WX7xHVc2VfhcUIUOnh/G FbhSyEIw4LU9Ogj086KAepXqwHht9Ez/LvelP4yXEwd6vKIJgdC3zJ1ff+2GT3M7 tQaWT9OhWlFlxLIEh8X2t7qRbBNjmrNZDRWCnmHfKmN6+SDeWJkhsw9NBaFLscX2 Q5Ti2E1uRGW5XXuphhBQbOhMiOkj9glwu3pqVm+ci4TbWSjNOxThQgEEZa5XIrdJ uMaW6ENMQT9GqF393R9cM0mU93WK2qTWq879o7hvgERxboboYYcP1MdLho0qORUL rTR3sjkw1GlALHJ8iqMCo2NF2XF1bWl6X4Dh/J8d5bNMWHRhK7nlfL+weN/7BtLz h+mfUholnRJQ/aokIsYS2IPK0xOqn0bTKsOwBxAo9v5qU9MZWrODLp1L14uYht9E mrmLaeXDRbpzCADUBKCzlHo5CmUPNxBceTBKQLZNvzcH9aAmAeJZ+tZLocz2Q87l AahSKmmNdJd3SVorjcbU1jBp8GE6CQ4+bE+ElsGdplEYrabUKXMQoIouyG3e/s4w aejzDsAENgdsjYW68f81 =f/iD -----END PGP SIGNATURE-----
Current thread:
- CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference Petr Matousek (Feb 19)
- Re: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference Kurt Seifried (Feb 19)