196862 – ieee80211 off-by-two integer underflow DoS (CVE-2007-4997)

Bug 196862 - ieee80211 off-by-two integer underflow DoS (CVE-2007-4997)

Summary: ieee80211 off-by-two integer underflow DoS (CVE-2007-4997)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:	[linux < 2.6.23][genpatches < 2.6.23-1]
Keywords:

Depends on:
Blocks:

Reported:	2007-10-24 00:58 UTC by Robert Buchholz (RETIRED)
Modified:	2013-09-03 03:21 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
git commit for CVS-2007-4997 (1500-CVE-2007-4997-ieee80211-underflow-dos.patch,1.87 KB, patch) 2007-11-13 00:25 UTC, Mike Pagano	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Buchholz (RETIRED) gentoo-dev

2007-10-24 00:58:56 UTC

According to RedHat:
  Chris Evans discovered that a malicious 80211 frame can crash machine
  if certain drivers, chipsets, and firmware is in use.

Comment 1 Mike Pagano gentoo-dev

2007-11-13 00:25:08 UTC

Created attachment 135846 [details, diff]
git commit for CVS-2007-4997

Here is the patch from the mainline tree

Comment 2 Mike Pagano gentoo-dev

2007-11-16 18:17:52 UTC

This patch has also made it to the 2.6.23 stable tree.

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commit;h=04045f98e0457aba7d4e6736f37eed189c48a5f7