110043 – Kernel: Local DOS in udp_v6_get_port (CVE-2005-2973)

Bug 110043 - Kernel: Local DOS in udp_v6_get_port (CVE-2005-2973)

Summary: Kernel: Local DOS in udp_v6_get_port (CVE-2005-2973)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://www.frsirt.com/english/advisor...
Whiteboard:	[linux < 2.6.14]
Keywords:

Duplicates (1):	110079 (view as bug list)
Depends on:
Blocks:

Reported:	2005-10-21 09:17 UTC by Andrés Becerra Sandoval
Modified:	2009-05-03 15:47 UTC (History)
CC List:	4 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrés Becerra Sandoval 2005-10-21 09:17:24 UTC

Description is in 
http://www.frsirt.com/english/advisories/2005/2173

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-10-21 23:39:35 UTC

*** Bug 110079 has been marked as a duplicate of this bug. ***

Comment 2 Thierry Carrez (RETIRED) gentoo-dev

2005-11-23 01:52:23 UTC

In Ubuntu's USN-219-1:

Tetsuo Handa discovered a local Denial of Service vulnerability in the
udp_v6_get_port() function. On computers which use IPv6, a local
attacker could exploit this to trigger an infinite loop in the kernel.
(CVE-2005-2973)

Comment 3 Tim Yamin (RETIRED) gentoo-dev

2006-01-02 15:12:28 UTC

Adding maintiners:

mips-sources-2.4.13: Kumba
rsbac-sources: kang

Comment 4 Tim Yamin (RETIRED) gentoo-dev

2006-03-11 09:29:45 UTC

No <2.6.14 kernels left in the tree, closing bug...