Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 18 Jan 2012 12:38:51 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when
 receiving odd mixture of IGMP queries

On 01/10/2012 03:34 PM, Eugene Teo wrote:
> Commit 5b7c84066733c5dfb0e4016d939757b38de189e4 ('ipv4: correct IGMP
> behavior on v3 query during v2-compatibility mode') added yet another
> case for query parsing, which can result in max_delay = 0.  Substitute
> a value of 1, as in the usual v3 case.
> 
> Reported-by: Simon McVittie <smcv <at> debian.org>
> References: http://bugs.debian.org/654876
> Signed-off-by: Ben Hutchings <ben <at> decadent.org.uk>
> 
> http://article.gmane.org/gmane.linux.network/217256
> 
> Introduced in 5b7c8406 2.6.36-rc8
> 
> Thanks, Eugene

Upstream commit:
http://git.kernel.org/linus/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27

Reference:
https://bugzilla.redhat.com/CVE-2012-0207

Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.