[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request -- Linux kernel: veth: double-free in case of congestion
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2013-04-29 19:22:08
Message-ID: 517EC860.7020808 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/29/2013 05:06 AM, Petr Matousek wrote:
> Description of the problem: A flaw was found in the way Virtual
> Ethernet driver implementation in the Linux kernel handled skbs in
> case of congestion.
>
> A remote attacker could potentially use this flaw to crash the
> system.
>
> Introduced in: 2.6.33-rc1
>
> Fixed in: 2.6.34
>
> Upstream fix:
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867
>
> References:
> http://marc.info/?l=linux-netdev&m=127310770900442&w=3
>
> Thanks,
>
Please use CVE-2013-2017for this issue.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iQIcBAEBAgAGBQJRfshgAAoJEBYNRVNeJnmTRwgP/RSfX9Tvi02MIsggTFqOxrny
21CM4h0oeOCDRQPCe4aABj52Uya5nn4x02+XACbEMCkpC9b+L3ktfSZe+g8H56iw
eVYeNDY7fTNcVq/xOYpFwefiDH+6JUgBYN/Fiz5fXIAdxipvrKbEAOsWqpjETFN7
0iN0K+DQGm6b63sy0z2yzqnprjyLeMBKQNhpGyk+0Dy7ggYIMyli9GDO9J52LtDg
8Wc4dpxLVPOuArtwQjG7tVaw+E4irBE6z8hnZ1/mGwLRGQI3sFTaFk2HnCV7E4fA
jeAkP+W3pBQnbgcqtqH5412Md5KUPBk2zYUpy973NtUWCvd0pnBhOQGB7qLYhEBX
8QFK7hv8d9+vC47WZrliMDHJV2cMisN142qxkgXuIm7rmM7+lc6l6HfZHKvqoE1n
5kLTejvHVYcyEzt61vYZAAXAYEsaTEya+Jw2fQL21guobEX82hg219XhrK1RwU3/
7rT2ah0TTDZTy3WE7Qf6zu9zufvZHTboI8+iEOSaZaR0wUYsJCT82oEE0abGu1V+
vu4bJ374KO+a36pIPVPncgysTPMHoj/vyuJu7sRPjwoOhwFMXJUJ/AlkHXD2uy/W
R7MO4RtyBcJuVdSZxE3pMoawSUxwtl2261TqR0wfzY1PnLGhdcazVdGNX98l9fkX
DFrZqBasDaHQeKnuvJ+n
=IVmh
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic