oss-sec mailing list archives

CVE request netfilter connection tracking accounting.

From: Wade Mealing <wmealing () redhat com>
Date: Tue, 7 Apr 2015 20:38:21 -0400 (EDT)

Gday,

I'd like to request a CVE for an issue posted to netfilter-devel 
( http://marc.info/?l=netfilter-devel&m=140112364215200&w=2 ).
 
This issue can be classified as a denial of service.

From the bug report:


"I got the following OOPS with kernel 3.14.4 (debian backport for wheezy) on our 
internet gateway while trying to establish a new PPTP tunnel from a NAT-ed host.
Seems it's 100% reproductible"

The issue appears to be within netfilter connection tracking accounting, not specific
to PPTP or other helper protocols.

The flaw was introduced on Linux 3.6 and fixed on 3.15. The upstream fix is available ( See reference 1 )

Thank you.

Wade Mealing -- Red Hat Product Security

References:

1) http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=223b02d923ecd7c84cf9780bb3686f455d279279

Current thread:

CVE request netfilter connection tracking accounting. Wade Mealing (Apr 07)
- Re: CVE request netfilter connection tracking accounting. - Linux kernel cve-assign (Apr 08)