Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 7 Jun 2011 00:01:06 +0200
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley@...us.mitre.org
Subject: CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN
 GRO_DROP

The function napi_reuse_skb is only meant to be used for packets merged
by GRO. Using it on the VLAN path will lead to memory leaks/corruption.

The fix for CVE-2011-1478 unveiled this issue. Note, this is not a
CVE-2011-1478 regression.

This issue does not affect the upstream kernel as the code path in
question is no longer reachable due to changes in the VLAN subsystem.

https://bugzilla.redhat.com/CVE-2011-1576

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.