Bug 101435

Summary:	Kernel: xfrm Overflow Vulnerability (CAN-2005-2456)
Product:	Gentoo Security	Reporter:	Jean-François Brunette (RETIRED) <formula7>
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	koon, security-kernel
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a4f1bac62564049ea4718c4624b0fadc9f597c84
Whiteboard:	[linux <2.6.12.4]
Package list:		Runtime testing required:	---

Description Jean-François Brunette (RETIRED) gentoo-dev

2005-08-05 06:30:56 UTC

Not considered as critical, but I just do my job and report it ;)

------------------------------------------
Description:
Balazs Scheidler has reported a vulnerability in the Linux kernel, which
potentially can be exploited by malicious, local users to cause a DoS (Denial of
Service).

The vulnerability is caused due to a boundary error in the XFRM code and can be
exploited to cause an array indexing overflow.

Solution:
The vulnerability has been fixed in versions 2.6.13-rc4 and later.

Comment 1 Tim Yamin (RETIRED) gentoo-dev

2005-08-05 07:58:14 UTC

(Patch at URL)

Comment 2 Daniel Drake (RETIRED) gentoo-dev

2005-08-05 09:46:21 UTC

Updating URL to point at the patch which was applied to Linus' tree.

This was fixed in gentoo-sources-2.6.12-r7 (genpatches-2.6.12-11)

Comment 3 Thierry Carrez (RETIRED) gentoo-dev

2005-08-22 05:14:47 UTC

*** Bug 103326 has been marked as a duplicate of this bug. ***

Comment 4 Tim Yamin (RETIRED) gentoo-dev

2005-11-26 03:52:23 UTC

All fixed, closing bug.