Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Linux kernel security hardening Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Wed, 08 Apr 2009 15:58:55 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Willy Tarreau <w@....eu>
Subject: CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user
 frame size

{nr,rose,x25}_sendmsg() functions need to have sanity checks on the
packet size, otherwise the sizes can wrap and end up sending garbage.

http://bugzilla.kernel.org/show_bug.cgi?id=10423
http://git.kernel.org/linus/83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1265

This affects both 2.4.x and 2.6.x if CONFIG_{NETROM,ROSE,X25} are enabled.

Thanks, Eugene
-- 
Eugene Teo, RHCA, RHCSS / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ