Summary: | Kernel: linux >= 2.6.39.1 error when processing the "osf_wait4()" system call in arch/alpha/kernel/osf_sys.c (CVE-2011-2213) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Harrison <n0idx80> |
Component: | Kernel | Assignee: | Gentoo Kernel Security <security-kernel> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | alpha-kernel, kernel |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | Alpha | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/44754/ | ||
Whiteboard: | [linux >= 2.6.39.1] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Harrison
2011-10-06 20:19:23 UTC
CVE-2011-2213 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2213): The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. Original Advisory: https://lkml.org/lkml/2011/6/11/87 Solution: Fixed in version 2.6.35.14 There are no longer any 2.x kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security. |