'[oss-security] CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse
From:       Eugene Teo <eugene () redhat ! com>
Date:       2011-03-28 2:46:33
Message-ID: 4D8FF689.5050502 () redhat ! com
[Download RAW message or body]

https://bugzilla.redhat.com/CVE-2011-1478

There is an issue in the core GRO code where an skb belonging to an 
unknown VLAN is reused as we don't reset skb->dev in the reuse case. 
This could result in a NULL pointer dereference.

6d152e23ad1a7a5b40fef1f42e017d66e6115159 gro: reset skb_iif on reuse
66c46d741e2e60f0e8b625b80edb0ab820c46d7a gro: Reset dev pointer on reuse

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic