Re: CVE-2005-2973: Yet another kernel DoS

To: Moritz Muehlenhoff <jmm@inutil.org>
Cc: horms@debian.org, debian-kernel@lists.debian.org, security@debian.org, secure-testing-team@lists.alioth.debian.org
Subject: Re: CVE-2005-2973: Yet another kernel DoS
From: dann frazier <dannf@dannf.org>
Date: Mon, 24 Oct 2005 11:29:48 -0600
Message-id: <[🔎] 1130174989.12603.9.camel@krebs.dannf>
In-reply-to: <[🔎] 20051024082822.GA5166@informatik.uni-bremen.de>
References: <[🔎] 20051024082822.GA5166@informatik.uni-bremen.de>

On Mon, 2005-10-24 at 10:28 +0200, Moritz Muehlenhoff wrote:
> Hi,
> an infinite loop in udp_v6_get_port() can be triggered and thus result in
> local DoS. Please see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170772
> for a link to a patch by davem. This is CVE-2005-2973.

I've added this to svn as
people/horms/patch_notes/cve/net-ipv6-udp_v6_get_port-loop.patch, and
symlinked as CAN-2005-2973 for tracking.

Horms: I realize you might be somewhat out of the loop as to how we're
abusing your directory tree; I'll catch you on IRC when you're back to
explain in detail.

> There's also another link to a possible regression for a dst mem leak fix. Does this
> apply to the Debian kernel as well?

I'll check.

Reply to:

Follow-Ups:
- Re: [Secure-testing-team] Re: CVE-2005-2973: Yet another kernel DoS
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: CVE-2005-2973: Yet another kernel DoS
  - From: Horms <horms@debian.org>

References:
- CVE-2005-2973: Yet another kernel DoS
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Re: [Secure-testing-team] Re: CVE-2005-2973: Yet another kernel DoS
Next by Date: Processing of initramfs-tools_0.36_i386.changes
Previous by thread: CVE-2005-2973: Yet another kernel DoS
Next by thread: Re: [Secure-testing-team] Re: CVE-2005-2973: Yet another kernel DoS
Index(es):
- Date
- Thread