oss-security - Re: Linux potential division by zero in TCP code

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Tue, 26 Jan 2016 02:02:28 -0500 (EST)
From: cve-assign@...re.org
To: fw@...eb.enyo.de
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Linux potential division by zero in TCP code

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b8a321ff72c785ed5e8b4cf6eda20b35d427390

> This may lead to a div-by-zero if the connection starts another cwnd
> reduction phase by setting tp->prior_cwnd to the current cwnd (0) in
> tcp_init_cwnd_reduction().

Use CVE-2016-2070.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWpxcsAAoJEL54rhJi8gl5VhcP/jESXeUc6StXDhNzxWKwNAMX
HTJ6wMy29qNG2fvAQWPnS63CVvPbnlkbpLDpQ9b9oG0lJ76IPXjgBI2k9ZOUbaBO
A8vRk4umLqEP5WySGa5GnJsz3MT01tD1nCsTMLaE0YxjL/4Jx7lpiC6HlKCz4yER
6sEqrxqVhLEVYgQ1N+7+kay1HH6yNkoqu00Z1YjzlihoWFYJ1OGicdMuz6DojBOb
fSKQBaSC471xNN3+NdEq/2b2C2mrqwxV9kTo34Wp0MOO6gXPy1cL89pvU9urN8WF
c89+BM/alw2lZmHNtKKuQpYDxBoaA/NQiDGB866FeUrTp4N5CSN2wWSuINnBkQjl
jCDp38o/LRwuzf1CXYMxJlf7ut2D+t5AWKC/ZfAHcb3CJyHRJ+Pdy1jpeJRWLt/o
3YNvy/oxGhUSRAej0fsmCZlTfNV7xPdKWzfBizpZIDIHf73yJChVn3Sh2qXe+IAQ
oJxnj9UYiafTKaHnJFmRUxUf0MtPBy5gu637hk7ej1tBqZY3HmaKxpth9d7BSKhV
z4NNNhD+8TA2QQkgWiQkqOyc0gEDFI7mqqHkrCr0N0ybBQW7n5f+yXzvKQCcN2qa
rvW5sQ727d1MnzmWeZYWiVY5w+RnxzwQgYrdcROLuV2zEgY6ENHhLVO5dObqErgZ
tV9XXTx2FUTvFwOxMSzu
=m2BO
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.