Date: Wed, 03 Jun 2009 10:06:54 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org>, Greg KH <greg@...ah.com> Subject: CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service e1000 has an issue in which a partial frame can leak through validation check on reception. This can lead to an underflow in the length computation of the frame which will panic the system in question. This bug was discovered and fixed in e1000-7.5.5 since April 2007, but was somehow not merged in the upstream kernel... http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302 Notes: * fix panic on changing MTU under stress [...] References: http://sourceforge.net/projects/e1000 http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1385 Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.