List: oss-security
Subject: Re: [oss-security] kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL
From: akuster <akuster () mvista ! com>
Date: 2010-06-29 15:53:05
Message-ID: 4C2A16E1.4040101 () mvista ! com
Eugene,
Thanks for the info. Unfortunately it does affect a few MontaVista
kernels. Is it possible to get a CVE for this?
Mahalo,
Armin
On 06/28/2010 04:10 PM, Eugene Teo wrote:
> FYI, "On a 32-bit machine, info.rule_cnt >= 0x40000000 leads to integer
> overflow and the buffer may be smaller than needed. Since
> ETHTOOL_GRXCLSRLALL is unprivileged, this can presumably be used for at
> least denial of service." This was introduced in v2.6.27-rc1 via
> upstream commit 0853ad66. Also see commit 59089d8d.
>
> Reference:
> http://thread.gmane.org/gmane.linux.network/164869
> https://bugzilla.redhat.com/show_bug.cgi?id=608950
>
> I'm not requesting a CVE name for this as it did not affect any of our
> Red Hat supported Linux kernels.
>
> Thanks, Eugene
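
The size arithmetic described in the quoted report, as an added example that is not part of the original thread and not the kernel's own code. It models a 32-bit `size_t` with `uint32_t` so it behaves the same on any host; the 4-byte entry size is an assumption inferred from the quoted 0x40000000 threshold, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumption: each rule entry is 4 bytes, which is what the quoted
 * 0x40000000 threshold implies on a 32-bit machine. */
#define RULE_ENTRY_SIZE 4u

/* Unchecked size computation as a 32-bit size_t performs it:
 * the product is truncated modulo 2^32. */
static uint32_t unchecked_alloc_size32(uint32_t rule_cnt)
{
    return rule_cnt * RULE_ENTRY_SIZE;
}

/* Bytes the caller later treats as valid, computed without truncation. */
static uint64_t bytes_needed(uint32_t rule_cnt)
{
    return (uint64_t)rule_cnt * RULE_ENTRY_SIZE;
}

/* Checked variant: rejects counts whose byte size does not fit in 32 bits,
 * so the allocation can never be smaller than the data written into it. */
static bool checked_alloc_size32(uint32_t rule_cnt, uint32_t *size_out)
{
    if (rule_cnt > UINT32_MAX / RULE_ENTRY_SIZE)
        return false;
    *size_out = rule_cnt * RULE_ENTRY_SIZE;
    return true;
}

int main(void)
{
    /* Constructed sample counts on both sides of the threshold. */
    const uint32_t samples[] = { 16u, 0x3fffffffu, 0x40000000u, 0x40000001u };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint32_t size = 0;
        bool ok = checked_alloc_size32(samples[i], &size);

        printf("rule_cnt=0x%08x unchecked=%u needed=%llu checked=%s\n",
               (unsigned)samples[i],
               (unsigned)unchecked_alloc_size32(samples[i]),
               (unsigned long long)bytes_needed(samples[i]),
               ok ? "accepted" : "rejected");
    }
    return 0;
}
```

The check compares the count against the maximum before multiplying, so the rejected case never produces a wrapped size at all.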