Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 31 Oct 2012 15:31:20 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request -- kernel: net: divide by zero in tcp algorithm illinois

Description of the problem:
Reading TCP stats when using TCP Illinois congestion control algorithm
can cause a divide by zero kernel oops.

An unprivileged local user could use this flaw to crash the system.

Proposed upstream patch:
http://thread.gmane.org/gmane.linux.network/247871

Acknowledgements:

This issue was discovered by Rodrigo Freire of Red Hat.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=871848
http://thread.gmane.org/gmane.linux.network/247871

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ