Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 250548 (CVE-2008-5079) - Kernel: net/atm/svc.c DOS (CVE-2008-5079)
Summary: Kernel: net/atm/svc.c DOS (CVE-2008-5079)
Status: RESOLVED FIXED
Alias: CVE-2008-5079
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://git.kernel.org/?p=linux/kernel...
Whiteboard: [linux <2.6.27.9]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-10 20:42 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-05 03:33 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2008-12-10 20:42:58 UTC 
CVE-2008-5079 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5079):
  net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and
  earlier allows local users to cause a denial of service (kernel
  infinite loop) by making two calls to svc_listen for the same socket,
  and then reading a /proc/net/atm/*vc file, related to corruption of
  the vcc table.
Comment 2 Axel Dyks 2008-12-11 19:30:45 UTC 
Fix made it into stable review for 2.6.27.9
  --> [patch 19/83] http://lkml.org/lkml/2008/12/11/234
Comment 3 Axel Dyks 2008-12-14 19:02:38 UTC 
It's in 2.6.27.9 (kernel.org) and gentoo-sources-2.6.27-r6.