Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 20 Jan 2010 17:01:40 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE-2009-4272 kernel: emergency route cache flushing
 leads to node deadlock

On 01/20/2010 10:37 AM, Eugene Teo wrote:
> Reported by the Parallels Virtuozzo Containers team.
>
> If an attacker was able to cause a large enough number of collisions in
> the routing hash table (via specially-crafted packets) for the emergency
> route flush to trigger, a deadlock could occur, or if the kernel routing
> cache was disabled, an uninitialized pointer would be left behind after
> a route lookup, leading to a NULL pointer dereference. Both caused by
> the same issue.
>
> Introduced via:
> c6153b5b77650879d78dec76414213c76dd8d574 v2.6.27-rc4~39^2~41
> 1080d709fb9d8cd4392f93476ee46a9d6ea05a5b v2.6.29-rc1~581^2~973
>
> Patches:
> https://bugzilla.redhat.com/show_bug.cgi?id=545411#c6

^^
http://git.kernel.org/linus/73e42897
http://git.kernel.org/linus/b6280b47

> https://bugzilla.redhat.com/show_bug.cgi?id=545411#c15

I have also fixed the permissions of the file attachments.

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.