Date: Tue, 10 Jan 2012 10:23:51 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries On 01/10/2012 10:23 AM, Moritz Muehlenhoff wrote: > On Tue, Jan 10, 2012 at 08:58:07AM -0700, Kurt Seifried wrote: >> On 01/10/2012 12:34 AM, Eugene Teo wrote: >>> Commit 5b7c84066733c5dfb0e4016d939757b38de189e4 ('ipv4: correct IGMP >>> behavior on v3 query during v2-compatibility mode') added yet another >>> case for query parsing, which can result in max_delay = 0. Substitute >>> a value of 1, as in the usual v3 case. >>> >>> Reported-by: Simon McVittie <smcv <at> debian.org> >>> References: http://bugs.debian.org/654876 >>> Signed-off-by: Ben Hutchings <ben <at> decadent.org.uk> >>> >>> http://article.gmane.org/gmane.linux.network/217256 >>> >>> Introduced in 5b7c8406 2.6.36-rc8 >>> >>> Thanks, Eugene >> Debian appears to have assigned CVE-2012-0207 to this issue, is that >> correct? > Yes, it's also in the Subject of Eugene's mail :-) > > Cheers, > Moritz I really need to stop doing oss-sec before breakfast. -- -- Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ