Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 254907 (CVE-2009-0065) - Kernel: Buffer overflow in net/sctp/sm_statefuns.c (CVE-2009-0065)
Summary: Kernel: Buffer overflow in net/sctp/sm_statefuns.c (CVE-2009-0065)
Status: RESOLVED FIXED
Alias: CVE-2009-0065
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://git.kernel.org/?p=linux/kernel...
Whiteboard: [linux <2.6.27.13] [linux >=2.6.28 <2...
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-13 23:49 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-12 04:41 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-01-13 23:49:08 UTC 
CVE-2009-0065 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0065):
  Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control
  Transmission Protocol (sctp) implementation in the Linux kernel
  before 2.6.28-git8 allows remote attackers to have an unknown impact
  via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-05-05 20:42:10 UTC 
This is remotely exploitable and gives a Rootshell, see http://kernelbof.blogspot.com/2009/04/kernel-memory-corruptions-are-not-just.html
SCTP is not enabled by default AFAIK, but we still might want to patch this a bit faster...
Comment 2 Gordon Malm (RETIRED) gentoo-dev 2009-05-05 20:57:16 UTC 
Already fixed in all hardened kernels.
Comment 3 kfm 2009-07-21 21:36:55 UTC 
RE Comment 2 - Indeed. Removing alias.

PS: genpatches-2.6.27-11 added 2.6.27.13. genpatches-2.6.28-3 added 2.6.28.2. hardened-sources-2.6.25-r13 is unaffected as the patch was added independently in the preceding patchset.