Re: 2.4.27 ABI Change for CAN-2005-0449
On Tue, Mar 22, 2005 at 10:44:11PM +0900, Horms wrote:
> I would like to advise that kernel-source-2.4.27 is
> vulnerable to CAN-2005-0449 and that the fix requires
> an ABI change. This is the same situation as kernel-source-2.6.8,
> and the patch is almost identical.
> CAN-2005-0449 is a remotely exploitable bug that allows
> carefully crafted packets to cause the kernel to crash
> by exploiting a race in the fragmentation handling code.
> For reference the fix can be found at
> This changes the ABI by adding an extra argument to the
> ip_defrag() and ip_ct_gather_frags() exported functions.
Minor update: ip_defrag() is introduced in 2.4.27-9, so
ip_ct_gather_frags() is the only pre 2.4.27-9 symbol that
is being changed.
> The intention of this email is to advise the d-i team of this change
> so a schedule for release can be discussed. I am happy to
> omit the inclusion of the fix CAN-2005-0449 from the
> next release of kernel-source-2.4.27, and delay its inclusion
> as the d-i team recommends.
> At this stage, this is the only ABI change I have for kernel-source-2.4.27.
> I will advise if this situation changes.