Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 196862

Summary: ieee80211 off-by-two integer underflow DoS (CVE-2007-4997)
Product: Gentoo Security Reporter: Robert Buchholz (RETIRED) <rbu>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=346341
Whiteboard: [linux < 2.6.23][genpatches < 2.6.23-1]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
git commit for CVS-2007-4997 none

Description Robert Buchholz (RETIRED) gentoo-dev 2007-10-24 00:58:56 UTC 
According to RedHat:
  Chris Evans discovered that a malicious 80211 frame can crash machine
  if certain drivers, chipsets, and firmware is in use.
Comment 1 Mike Pagano gentoo-dev 2007-11-13 00:25:08 UTC 
Created attachment 135846 [details, diff]
git commit for CVS-2007-4997

Here is the patch from the mainline tree
Comment 2 Mike Pagano gentoo-dev 2007-11-16 18:17:52 UTC 
This patch has also made it to the 2.6.23 stable tree.

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commit;h=04045f98e0457aba7d4e6736f37eed189c48a5f7