Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 296393 (CVE-2009-1298) - Kernel: ip_frag_reasm() in ipv4/ip_fragment.c NULL pointer dereference (CVE-2009-1298)
Summary: Kernel: ip_frag_reasm() in ipv4/ip_fragment.c NULL pointer dereference (CVE-2...
Status: RESOLVED FIXED
Alias: CVE-2009-1298
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Security
URL: http://git.kernel.org/?p=linux/kernel...
Whiteboard: [linux <2.6.30.10] [linux >=2.6.31 <2...
Keywords:
Depends on:
Blocks:
 
Reported: 2009-12-10 11:59 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-15 18:47 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-12-10 11:59:22 UTC 
CVE-2009-1298 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1298):
  The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel
  2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with
  an incorrect argument, which allows remote attackers to cause a
  denial of service (NULL pointer dereference and hang) via long IP
  packets, possibly related to the ip_defrag function.
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2009-12-10 12:11:22 UTC 
Dupe of bug #296383 maybe?
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2009-12-10 12:21:45 UTC 
Already fixed. The other bug contained the ext4 issue, too. That will be tracked there, we track CVE-2009-1298 here. I was interrupted while filing, so it popped up after I had searched, sorry.