Date: Thu, 8 Dec 2016 16:21:26 +0100 From: Florian Pritz <bluewind@...u.at> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>, cve-assign@...re.org Subject: CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send) Hi, The linux kernel contains a bug where a fragmented IPv6 packet causes a panic after a timeout (seems to be roughly 60 seconds). This can be triggered remotely via the internet and results in a DoS (kernel panic). Details: https://bugzilla.kernel.org/show_bug.cgi?id=189851 This is fixed by commit 79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 Author: David Ahern <dsa@...ulusnetworks.com> Date: Sun Nov 27 18:52:53 2016 -0800 net: handle no dst on skb in icmp6_send Reference: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 Can a CVE be assigned to this issue? Florian Download attachment "signature.asc" of type "application/pgp-signature" (859 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.