Date: Wed, 18 Jan 2012 12:38:51 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries On 01/10/2012 03:34 PM, Eugene Teo wrote: > Commit 5b7c84066733c5dfb0e4016d939757b38de189e4 ('ipv4: correct IGMP > behavior on v3 query during v2-compatibility mode') added yet another > case for query parsing, which can result in max_delay = 0. Substitute > a value of 1, as in the usual v3 case. > > Reported-by: Simon McVittie <smcv <at> debian.org> > References: http://bugs.debian.org/654876 > Signed-off-by: Ben Hutchings <ben <at> decadent.org.uk> > > http://article.gmane.org/gmane.linux.network/217256 > > Introduced in 5b7c8406 2.6.36-rc8 > > Thanks, Eugene Upstream commit: http://git.kernel.org/linus/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27 Reference: https://bugzilla.redhat.com/CVE-2012-0207 Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ