oss-sec mailing list archives
CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu
From: P J P <ppandit () redhat com>
Date: Wed, 24 Jul 2013 01:06:38 +0530 (IST)
Hi, Linux kernel built with the IPv6 networking support is vulnerable to a crash while appending data to an IPv6 socket with UDP_CORKED option set. UDP_CORK enables accumulating data and sending it as single datagram.An unprivileged user/program could use this flaw to crash the kernel, resulting in local DoS.
Upstream fix: ------------- -> https://git.kernel.org/linus/75a493e60ac4bbe2e977e7129d6d8cbb0dd236be Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=987633 Acknowledgements: ----------------- Red Hat would like to thank Hannes Frederic Sowa for reporting this issue. Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Current thread:
- CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu P J P (Jul 23)