Date: Wed, 24 Dec 2008 11:58:48 -0500 (EST) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: kernel: soft lockup occurs when network load is very high ====================================================== Name: CVE-2008-5713 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5713 Reference: MLIST:[oss-security] 20081223 CVE request: kernel: soft lockup occurs when network load is very high Reference: URL:http://openwall.com/lists/oss-security/2008/12/23/1 Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=2ba2506ca7ca62c56edaa334b0fe61eb5eab6ab0 Reference: CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=477744 Reference: BID:32985 Reference: URL:http://www.securityfocus.com/bid/32985 The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.