Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Feb 2013 01:41:09 +0100
From: Petr Matousek <>
Cc: Kurt Seifried <>
Subject: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL
 pointer dereference

The skb argument to cipso_v4_validate() is NULL when called via the
setsockopt() syscall. An local user able to set CIPSO IP options on the
socket could use this flaw to crash the system.

Upstream fix:;a=commit;h=89d7ae34cdda4195809a5a987f697a517a2a3177


Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ