113327 2005-11-23 02:08 0000 Kernel: DoS through NAT conntack (CVE-2005-3275) 2009-05-03 15:51:41 0000 1 1 1 Unclassified Gentoo Security Kernel unspecified All Linux RESOLVED FIXED [linux < 2.4.32] [linux >=2.6 < 2.6.13] P2 major --- 112791 1 koon@gentoo.org security@gentoo.org gimli@gentoo.org hp-cluster@gentoo.org kang@gentoo.org kern-sec@gentoo.org kumba@gentoo.org koon@gentoo.org 2005-11-23 02:08:01 0000 In Ubuntu's USN-219-1: Patrick McHardy noticed a logic error in the network address translation (NAT) connection tracker. A remote attacker could exploit this by causing two packets for the same protocol to be NATed at the same time, which resulted in a kernel crash. (CVE-2005-3275) plasmaroo@gentoo.org 2005-11-26 09:20:03 0000 Patch: http://linux.bkbits.net:8080/linux-2.6/cset@42e14e05d0V1d88nZlaIX1F9dCRApA plasmaroo@gentoo.org 2005-12-24 05:22:59 0000 Adding 2.4 maintainers; {mips,openmosix,rsbac,xbox}-sources. plasmaroo@gentoo.org 2006-01-02 15:40:05 0000 Toggle status. plasmaroo@gentoo.org 2006-03-11 10:24:44 0000 MIPS, OpenMOSIX and rsbac -- a patch is still needed which is supplied on this bug... Let me know if there are any problems with doing so. plasmaroo@gentoo.org 2006-05-18 13:36:55 0000 All resolved, closing...