| Bug#: 154323 | Product: Gentoo Security | Version: unspecified | Platform: All |
| OS/Version: Linux | Status: RESOLVED | Severity: normal | Priority: P2 |
| Resolution: FIXED | Assigned To: security@gentoo.org | Reported By: jaervosz@gentoo.org |
| Component: Kernel |
| URL: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.18.y.git;a=commit;h=d0239f35c7ae63dbe715b1cc66e4860c2cb33154 |
| Summary: Kernel: Fix ipv6 wedge via flowlabel procfs (CVE-2006-5619) |
| Keywords: |
| Status Whiteboard: [linux <2.6.16.31] [linux >=2.6.17 <2.6.18.2] |
| Opened: 2006-11-07 00:40 0000 |
| Description: |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.
Created an attachment (id=104553)
The patch from Git.
mips-sources: Kumba, please bump to 2.6.19 or patch.
systrace-sources: Lcars, please bump to 2.6.19 or patch.
xen-sources: Someone on the Xen herd, please bump to 2.6.19 or patch.
Thanks, this is fixed in xen-sources-2.6.16.28-r2, which will hit the tree in a few hours (just waiting for the mirrors to update before I commit the ebuild).