Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 81195 - Kernel: Remote oops/firewall bypasses (CAN-2005-{0209,0449})
Summary: Kernel: Remote oops/firewall bypasses (CAN-2005-{0209,0449})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All All
: High critical (vote)
Assignee: Gentoo Security
URL:
Whiteboard: [linux < 2.6.11]
Keywords:
Depends on:
Blocks:
 
Reported: 2005-02-07 22:43 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2009-07-13 19:24 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
2.4 Patch (2.4-81195.patch,11.18 KB, patch)
2005-03-29 07:44 UTC, Tim Yamin (RETIRED)
no flags Details | Diff
2.6 Compound Patch (2.6-81195.patch,10.94 KB, patch)
2005-03-29 07:45 UTC, Tim Yamin (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-02-07 22:43:29 UTC
Herbert Xu made me aware of a security relevant problem (remote
opps/firewall bypass) in the netdev code. I did not see it on
vendor-sec yet.

  http://linux.bkbits.net:8080/linux-2.5/cset@41f8843a8ZMCNuP3meYAYnnXd3CO_g

(It changes the ABI, unfortunately).

I think this is the relevant thread:

  http://oss.sgi.com/archives/netdev/2005-01/msg01036.html
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-03-16 02:17:10 UTC
The above patch is CAN-2005-0449 (SMP, linux-2.6 only)

Another similar issue, from Ubuntu recent kernel updates:

A remote Denial of Service vulnerability was discovered in the
Netfilter IP packet handler. This allowed a remote attacker to crash
the machine by sending specially crafted IP packet fragments.
Affects only certain NICS, linux-2.6 only (CAN-2005-0209)

Patch:
http://linux.bkbits.net:8080/linux-2.6/cset%4041f59581p1swNaow4K1aBglV-q2jfQ
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-03-16 03:16:38 UTC
Mass-Ccing kern-sec@gentoo.org to make sure Kernel Security guys know about all
of these...
Comment 3 Daniel Drake (RETIRED) gentoo-dev 2005-03-16 05:52:13 UTC
gentoo-dev-sources unaffected
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-03-26 09:02:17 UTC
According to this thread :
http://oss.sgi.com/archives/netdev/2005-01/msg01191.html

CAN-2005-0449 also applies to the 2.4-line.
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2005-03-29 07:44:50 UTC
Created attachment 54763 [details, diff]
2.4 Patch
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2005-03-29 07:45:49 UTC
Created attachment 54764 [details, diff]
2.6 Compound Patch
Comment 7 Joshua Kinard gentoo-dev 2005-04-23 22:24:28 UTC
mips-sources fixed.
Comment 8 Tim Yamin (RETIRED) gentoo-dev 2005-05-02 10:28:19 UTC
CCing maintainers:

grsec-sources: CCing solar
hardened-sources: CCing hardened
openmosix-sources: CCing cluster
rsbac-sources: CCing kang
sparc-sources: CCing joker
Comment 9 solar (RETIRED) gentoo-dev 2005-05-02 10:43:37 UTC
Marking the existing 2.4.30 kernels stable fixes this right?
Comment 10 Konstantin Arkhipov (RETIRED) gentoo-dev 2005-05-07 06:05:03 UTC
oM-sources-2.4.30-r1 goes stable.
Comment 11 Tim Yamin (RETIRED) gentoo-dev 2005-08-20 11:29:43 UTC
All fixed, closing bug.
Comment 12 Tim Yamin (RETIRED) gentoo-dev 2005-08-20 11:32:14 UTC
kang: rsbac-2.4 still needs this.
Comment 13 Tim Yamin (RETIRED) gentoo-dev 2005-11-26 02:29:05 UTC
All fixed, closing.