Bug#811280: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]

To: submit@bugs.debian.org
Subject: Bug#811280: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
From: Steven Chamberlain <steven@pyro.eu.org>
Date: Sun, 17 Jan 2016 15:54:45 +0000
Message-id: <[🔎] 20160117155445.GD89333@pyro.eu.org>
Reply-to: Steven Chamberlain <steven@pyro.eu.org>, 811280@bugs.debian.org

Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u1
Severity: grave
Tags: security upstream                                                                                           
Control: found -1 10.1~svn274115-10

kfreebsd's TCP stack is vulnerable to local (and possibly remote under
extreme conditions) denial of service (kernel panic).

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:05.tcp.asc

This affects kfreebsd-10, and also kfreebsd-9 in wheezy.

Reply to:

Follow-Ups:
- Processed: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#811280: marked as done (kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05])
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04]
Next by Date: Processed: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
Previous by thread: Bug#811279: marked as done (kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04])
Next by thread: Processed: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
Index(es):
- Date
- Thread