Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 18 Jan 2012 12:38:51 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when
 receiving odd mixture of IGMP queries

On 01/10/2012 03:34 PM, Eugene Teo wrote:
> Commit 5b7c84066733c5dfb0e4016d939757b38de189e4 ('ipv4: correct IGMP
> behavior on v3 query during v2-compatibility mode') added yet another
> case for query parsing, which can result in max_delay = 0.  Substitute
> a value of 1, as in the usual v3 case.
> 
> Reported-by: Simon McVittie <smcv <at> debian.org>
> References: http://bugs.debian.org/654876
> Signed-off-by: Ben Hutchings <ben <at> decadent.org.uk>
> 
> http://article.gmane.org/gmane.linux.network/217256
> 
> Introduced in 5b7c8406 2.6.36-rc8
> 
> Thanks, Eugene

Upstream commit:
http://git.kernel.org/linus/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27

Reference:
https://bugzilla.redhat.com/CVE-2012-0207

Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ