oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 19 Feb 2013 17:44:36 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/19/2013 05:41 PM, Petr Matousek wrote:

The skb argument to cipso_v4_validate() is NULL when called via
the setsockopt() syscall. An local user able to set CIPSO IP
options on the socket could use this flaw to crash the system.

Upstream fix: 
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=89d7ae34cdda4195809a5a987f697a517a2a3177

 References: https://bugzilla.redhat.com/show_bug.cgi?id=912900

Thanks,



Please use CVE-2013-0310 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRJBx0AAoJEBYNRVNeJnmTiBwQAJlmqgsWghKYK01u84yZ62HL
wkMK0AXgZdQnv6teM9+33P/VEArPa2oIrZj7JtvLgn8ajM7hL7z+BphJSviZsYl3
lMx/tZRah+XSAxnksDm9q7ZN7BI05tzSMIDaeoKk9x+6WX7xHVc2VfhcUIUOnh/G
FbhSyEIw4LU9Ogj086KAepXqwHht9Ez/LvelP4yXEwd6vKIJgdC3zJ1ff+2GT3M7
tQaWT9OhWlFlxLIEh8X2t7qRbBNjmrNZDRWCnmHfKmN6+SDeWJkhsw9NBaFLscX2
Q5Ti2E1uRGW5XXuphhBQbOhMiOkj9glwu3pqVm+ci4TbWSjNOxThQgEEZa5XIrdJ
uMaW6ENMQT9GqF393R9cM0mU93WK2qTWq879o7hvgERxboboYYcP1MdLho0qORUL
rTR3sjkw1GlALHJ8iqMCo2NF2XF1bWl6X4Dh/J8d5bNMWHRhK7nlfL+weN/7BtLz
h+mfUholnRJQ/aokIsYS2IPK0xOqn0bTKsOwBxAo9v5qU9MZWrODLp1L14uYht9E
mrmLaeXDRbpzCADUBKCzlHo5CmUPNxBceTBKQLZNvzcH9aAmAeJZ+tZLocz2Q87l
AahSKmmNdJd3SVorjcbU1jBp8GE6CQ4+bE+ElsGdplEYrabUKXMQoIouyG3e/s4w
aejzDsAENgdsjYW68f81
=f/iD
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: