Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 171886 (CVE-2007-1592)

Summary: Kernel: ipv6_fl_socklist is inadvertently shared (CVE-2007-1592)
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299
Whiteboard: [linux < 2.6.16.45][linux >= 2.6.17 < 2.6.20.4][gp < 2.6.20-5][gentoo < 2.6.20-r4]
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-23 07:15:01 UTC 
[IPV6]: ipv6_fl_socklist is inadvertently shared.
 
 The ipv6_fl_socklist from listening socket is inadvertently shared
 with new socket created for connection.  This leads to a variety of
 interesting, but fatal, bugs. For example, removing one of the
 sockets may lead to the other socket's encountering a page fault
 when the now freed list is referenced.
 
 The fix is to not share the flow label list with the new socket.
 
 Signed-off-by: Masayuki Nakagawa <nakagawa.msy@ncos.nec.co.jp>
 Signed-off-by: David S. Miller <davem@davemloft.net>
Comment 1 unnamedrambler 2008-03-08 17:25:43 UTC 
metadata:
[linux < 2.6.16.45] 202e363b00807107da624289eb2257ea32b29420
[linux >= 2.6.17 < 2.6.20.4] c92fc42fc79aa7c77c90d91c69144f2d9b94a71b
also in 2.6.21  d35690beda1429544d46c8eb34b2e3a8c37ab299

[gp < 2.6.20-5][gentoo < 2.6.20-r4]