Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 23 Nov 2016 22:49:22 -0500
From: <cve-assign@...re.org>
To: <oss-security@...ts.openwall.com>
CC: <cve-assign@...re.org>
Subject: Linux kernel net/ipv4/ip_tunnel.c issue mentioned on netdev

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

In case anyone wants to be aware of CVE ID requests that appeared
on other public mailing lists:

  http://marc.info/?l=linux-netdev&m=147995726821221&w=2

wanted an ID for an integer overflow in this:

  https://github.com/torvalds/linux/blob/cfc7381b3002756b1dcada32979e942aa3126e31/net/ipv4/ip_tunnel.c#L396-L404

Because the report was simultaneously sent to security@...nel.org and
may have other people contributing analysis, we may be waiting a short
time before assigning a CVE ID.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYNmLPAAoJEHb/MwWLVhi2nVYQALYW1yBzHzv/hVdWIsUHKLQC
5gNQoTyazj6zw4fTiXfkg8MESzeTHPEY3IygWE0UhvdnZG6SjfS5HVBONsZtLPMu
MBzgJ8nLefUeonhqAKaMYzbi4Ntt1Cf/AWGoiA5Dd8+MTmwc4hOCvkyhQwZsKjJh
DyIIsNGgFd0glItqicNhNCEwXcdmPeeWGHqi9vN4n6ZjVkra1rEUlZ44dnPkTxNa
9Y9m0+ETP4CrufvWnPv2E4rAEuqqRzHiEX1gPWNT/Rabf/VCMVPZHXyiXxdCYlnR
vOyY9DzpO3NeI5yxGqME8/A5H0RkgvWsnrFOxqgaHOV1odTaseA8s6K3FAQY2Z9Z
tQfM3lHRq80TkfAp7SelwjWk9kH+gWOYGdcDER2vjv45WO9ETdRcrfIV4X07fWJ7
YDU1T+qc/0647OP6un/lEnVBQX2AoFfY25IhloYUpKHGxNxxUFJIurVpTIN+qksf
2gAJcMTF4MDfNmAaENi97tL4CwkJmvGswncPG4Cy3V+hsvRNqgp0VWuYFVfv/MtT
SIb80ErscC1+ltKJBUka4Pi9C3Q0fx4f51/gf0XLrjQBUhtwUwl889yr5lM1Cf4X
e1Wja9saMPGcYWZudIvTameli18G+5Z1Hh/Iu9NR5HxYUHOIEVoGWaRCt2LxkRR6
9sos50TA6UaxylJ3PdAn
=5/Wi
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ