Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 85478 - Netfilter-related local DoS (CAN-2005-0210)
Summary: Netfilter-related local DoS (CAN-2005-0210)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.ubuntulinux.org/support/do...
Whiteboard: [linux < 2.6.11]
Keywords:
Depends on:
Blocks:
 
Reported: 2005-03-16 02:19 UTC by Thierry Carrez (RETIRED)
Modified: 2009-05-03 15:00 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Patch (85478.patch,772 bytes, patch)
2005-04-09 11:38 UTC, Tim Yamin (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Thierry Carrez (RETIRED) gentoo-dev 2005-03-16 02:19:53 UTC
The Netfilter code also contained a memory leak. Certain locally
generated packet fragments are reassembled twice, which caused a
double allocation of a data structure. This could be locally exploited
to crash the machine due to kernel memory exhaustion. (CAN-2005-0210)
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-03-16 03:16:29 UTC
Mass-Ccing kern-sec@gentoo.org to make sure Kernel Security guys know about all
of these...
Comment 2 Tim Yamin (RETIRED) gentoo-dev 2005-04-09 11:38:08 UTC
Created attachment 55778 [details, diff]
Patch
Comment 3 Joshua Kinard gentoo-dev 2005-04-23 22:26:43 UTC
mips-sources fixed.
Comment 4 Daniel Drake (RETIRED) gentoo-dev 2005-04-27 13:40:45 UTC
gentoo-sources-2.6 unaffected
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2005-08-15 15:43:15 UTC
All fixed, closing bug.