Gentoo Full Text Bug Listing

Bug 113327 - Kernel: DoS through NAT conntack (CVE-2005-3275)

Bug#: 113327	Product: Gentoo Security	Version: unspecified	Platform: All
OS/Version: Linux	Status: RESOLVED	Severity: major	Priority: P2
Resolution: FIXED	Assigned To: security@gentoo.org	Reported By: koon@gentoo.org
Component: Kernel
URL:
Summary: Kernel: DoS through NAT conntack (CVE-2005-3275)
Keywords:
Status Whiteboard: [linux < 2.4.32] [linux >=2.6 < 2.6.13]
Opened: 2005-11-23 02:08 0000

Description:

Opened: 2005-11-23 02:08 0000

In Ubuntu's USN-219-1:

Patrick McHardy noticed a logic error in the network address
translation (NAT) connection tracker. A remote attacker could exploit
this by causing two packets for the same protocol to be NATed at the
same time, which resulted in a kernel crash. (CVE-2005-3275)

------- Comment #1 From Tim Yamin (RETIRED) 2005-11-26 09:20:03 0000 -------

Patch:

http://linux.bkbits.net:8080/linux-2.6/cset@42e14e05d0V1d88nZlaIX1F9dCRApA

------- Comment #2 From Tim Yamin (RETIRED) 2005-12-24 05:22:59 0000 -------

Adding 2.4 maintainers; {mips,openmosix,rsbac,xbox}-sources.

------- Comment #3 From Tim Yamin (RETIRED) 2006-01-02 15:40:05 0000 -------

Toggle status.

------- Comment #4 From Tim Yamin (RETIRED) 2006-03-11 10:24:44 0000 -------

MIPS, OpenMOSIX and rsbac -- a patch is still needed which is supplied on this
bug... Let me know if there are any problems with doing so.

------- Comment #5 From Tim Yamin (RETIRED) 2006-05-18 13:36:55 0000 -------

All resolved, closing...