Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 385933 - Kernel: linux >= 2.6.39.1 error within the INET socket monitoring feature (CVE-2011-2484)
Summary: Kernel: linux >= 2.6.39.1 error within the INET socket monitoring feature (CV...
Status: RESOLVED DUPLICATE of bug 374631
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/44754/
Whiteboard: [linux >= 2.6.39.1]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-10-06 20:22 UTC by Michael Harrison
Modified: 2012-01-31 11:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Harrison 2011-10-06 20:22:25 UTC
An error within the INET socket monitoring feature when auditing the bytecode contained in certain netlink messages can be exploited to cause the kernel to enter an infinite loop via an INET_DIAG_BC_JMP opcode with the "yes" variable set to "0".
Comment 1 Michael Harrison 2012-01-31 11:31:04 UTC
Original Advisory:
http://thread.gmane.org/gmane.linux.network/197206/focus=197386

Solution:
Fixed in version version 2.6.39.3 and 2.6.35.14

*** This bug has been marked as a duplicate of bug 374631 ***