oss-sec mailing list archives

CVE request -- Linux kernel: veth: double-free in case of congestion

From: Petr Matousek <pmatouse () redhat com>
Date: Mon, 29 Apr 2013 13:06:09 +0200

Description of the problem:
A flaw was found in the way Virtual Ethernet driver implementation in
the Linux kernel handled skbs in case of congestion.

A remote attacker could potentially use this flaw to crash the system.

Introduced in:
2.6.33-rc1

Fixed in:
2.6.34

Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867

References:
http://marc.info/?l=linux-netdev&m=127310770900442&w=3

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request -- Linux kernel: veth: double-free in case of congestion Petr Matousek (Apr 29)
- Re: CVE request -- Linux kernel: veth: double-free in case of congestion Kurt Seifried (Apr 29)