Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  articles  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures  /  books 
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Wed, 20 Jan 2010 17:01:40 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE-2009-4272 kernel: emergency route cache flushing
 leads to node deadlock

On 01/20/2010 10:37 AM, Eugene Teo wrote:
> Reported by the Parallels Virtuozzo Containers team.
>
> If an attacker was able to cause a large enough number of collisions in
> the routing hash table (via specially-crafted packets) for the emergency
> route flush to trigger, a deadlock could occur, or if the kernel routing
> cache was disabled, an uninitialized pointer would be left behind after
> a route lookup, leading to a NULL pointer dereference. Both caused by
> the same issue.
>
> Introduced via:
> c6153b5b77650879d78dec76414213c76dd8d574 v2.6.27-rc4~39^2~41
> 1080d709fb9d8cd4392f93476ee46a9d6ea05a5b v2.6.29-rc1~581^2~973
>
> Patches:
> https://bugzilla.redhat.com/show_bug.cgi?id=545411#c6

^^
http://git.kernel.org/linus/73e42897
http://git.kernel.org/linus/b6280b47

> https://bugzilla.redhat.com/show_bug.cgi?id=545411#c15

I have also fixed the permissions of the file attachments.

Thanks, Eugene

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ