List: oss-security
Subject: [oss-security] kernel; CVE-2011-2942 and CVE-2011-3209
From: Eugene Teo <eugene () redhat ! com>
Date: 2011-10-24 9:16:32
Message-ID: 4EA52CF0.8060009 () redhat ! com
CVE-2011-2942: In the br_forward_finish() function, we may call kfree()
on the skb we are forwarding, and so, after it, we should not
dereference the skb->dev pointer. With the fix, we save skb->dev before
calling the br_forward_finish() function, so that we can use it
afterwards. It's a regression from a commit that we have backported to
our kernels. It doesn't affect the upstream kernel as the code was
rewritten.
https://bugzilla.redhat.com/CVE-2011-2942
https://www.redhat.com/security/data/cve/CVE-2011-2942.html

CVE-2011-3209: Divide error issue in the clock implementation.
http://git.kernel.org/linus/f8bd2258e2d520dff28c855658bd24bdafb5102d
https://bugzilla.redhat.com/CVE-2011-3209
https://www.redhat.com/security/data/cve/CVE-2011-3209.html
Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team
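
The save-before-call pattern described for CVE-2011-2942, as an added userspace model that is not part of the original message and is not the Red Hat patch. The packet pool and all structure and function names are hypothetical stand-ins for the skb, skb->dev and br_forward_finish(); a static pool is used so the stale read can be inspected without touching freed heap memory.

```c
/* Userspace model of the pattern; all names are hypothetical, not kernel code. */
#include <stdio.h>
#include <string.h>

struct net_dev { unsigned long tx_packets; };
struct pkt { struct net_dev *dev; unsigned len; int in_use; };

static struct pkt pool[4];           /* static pool: "freed" slots stay inspectable */

static struct pkt *pkt_alloc(struct net_dev *dev, unsigned len) {
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++)
        if (!pool[i].in_use) {
            pool[i] = (struct pkt){ .dev = dev, .len = len, .in_use = 1 };
            return &pool[i];
        }
    return NULL;
}

/* Free fills the slot with 0x6b, as slab poisoning would, then marks it reusable. */
static void pkt_free(struct pkt *p) {
    memset(p, 0x6b, sizeof *p);
    p->in_use = 0;
}

/* Stand-in for a "finish" routine that consumes (frees) the packet. */
static int forward_finish(struct pkt *p) { pkt_free(p); return 0; }

/* Before: reads p->dev after the callee has freed p. Returns the pointer
 * it would have dereferenced, so the stale value can be checked safely. */
static struct net_dev *forward_buggy(struct pkt *p) {
    forward_finish(p);
    return p->dev;                   /* stale: slot is already poisoned */
}

/* After: save the device pointer first and use only the saved copy. */
static struct net_dev *forward_fixed(struct pkt *p) {
    struct net_dev *dev = p->dev;
    forward_finish(p);
    dev->tx_packets++;
    return dev;
}

int main(void) {
    struct net_dev eth = { 0 };
    struct net_dev *stale = forward_buggy(pkt_alloc(&eth, 64));
    struct net_dev *ok = forward_fixed(pkt_alloc(&eth, 64));
    printf("stale=%p saved=%p real=%p tx=%lu\n", (void *)stale, (void *)ok, (void *)&eth, eth.tx_packets);
    return 0;
}
```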