Date: Fri, 10 Jul 2015 12:27:11 +0200
From: Gsunde Orangen <gsunde.orangen@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request: UDP checksum DoS

These two issues (CVE-2015-5366 and CVE-2015-5364) - commit in May 30th:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0
are fixed upstream in:
3.10.81, 3.12.44, 3.14.45, 3.18.17, 4.0.6, and 4.1-rc7

Does anyone know the reason why it wasn't (yet?) included in the latest
3.4.x release (3.4.108 as of 2015-06-19)?

Thanks,
Gsunde

On 2015-07-06, 11:23 cve-assign@...re.org wrote:
>>> However, the presence of "return -EAGAIN" may also have been a
>>> security problem in some realistic circumstances. For
>>> example, maybe there's an attacker who can't transmit a flood
>>> with invalid checksums, but can sometimes inject one packet
>>> with an invalid checksum. The goal of this attacker isn't to
>>> cause a system hang; the goal is to cause an EPOLLET epoll
>>> application to stop reading for an indefinitely long period of
>>> time. This scenario can't also be covered by CVE-2015-5364. Is
>>> it better to have no CVE ID at all, e.g., is
>>> udp_recvmsg/udpv6_recvmsg simply not intended to defend against
>>> this scenario?
>
>> It seems reasonable to assign a second CVE ID to that issue.
>
> Use CVE-2015-5366.
>
>
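
Added example, not part of this thread or of the kernel fix: a C program for the scenario quoted above, in which an edge-triggered (EPOLLET) reader that stops while datagrams are still queued gets no further edge, with a finite-timeout drain as one receiver-side mitigation. The function names, the AF_UNIX datagram pair standing in for the UDP socket, and the 50 ms timeout are assumptions made for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/epoll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Read datagrams until recv() fails; an edge-triggered reader takes the
 * EAGAIN that ends this loop to mean "queue empty". Returns the count. */
static int drain(int fd)
{
    char buf[2048];
    int n = 0;
    for (;;) {
        if (recv(fd, buf, sizeof buf, 0) >= 0) n++;
        else if (errno != EINTR) return n;
    }
}

/* Constructed scenario: three datagrams are queued, the reader stops after
 * one (standing in for an EAGAIN returned while data is still queued), and
 * no further datagram arrives. *edges_after_stall receives what the second
 * epoll_wait() reports; the return value is what the timeout drain recovers. */
int stalled_reader_demo(int *edges_after_stall)
{
    int sv[2], recovered = -1;
    char buf[16];
    struct epoll_event ev = { .events = EPOLLIN | EPOLLET }, out;

    /* Assumption: an AF_UNIX datagram pair stands in for the UDP socket. */
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0) return -1;
    int epfd = epoll_create1(0);
    if (epfd < 0) goto done;
    if (fcntl(sv[0], F_SETFL, O_NONBLOCK) < 0) goto done;
    if (epoll_ctl(epfd, EPOLL_CTL_ADD, sv[0], &ev) < 0) goto done;
    for (int i = 0; i < 3; i++)
        if (send(sv[1], "x", 1, 0) != 1) goto done;

    if (epoll_wait(epfd, &out, 1, 1000) != 1) goto done; /* the one edge */
    if (recv(sv[0], buf, sizeof buf, 0) != 1) goto done;  /* reader stops early */

    /* Two datagrams remain, yet edge-triggered epoll reports nothing new. */
    *edges_after_stall = epoll_wait(epfd, &out, 1, 50);
    /* Mitigation: a finite timeout followed by a drain, instead of waiting
     * indefinitely for an edge that only fresh traffic would produce. */
    recovered = drain(sv[0]);
done:
    if (epfd >= 0) close(epfd);
    close(sv[0]); close(sv[1]);
    return recovered;
}
```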