CAN-2005-0449
The changelog entry for CAN-2005-0449 (in kernel-source-2.6.8) reads:
* ipv4-fragment-queues-1.dpatch, ipv4-fragment-queues-2.dpatch,
ipv4-fragment-queues-3.dpatch, ipv4-fragment-queues-4.dpatch:
fix potential information leak by making fragment queues private.
CAN-2005-0449 (Joshua Kwan, Simon Horman)
However, the CVE entry describes a different problem:
| The netfilter/iptables module in Linux before 2.6.8.1 allows remote
| attackers to cause a denial of service (kernel crash) or bypass
| firewall rules via crafted packets, which are not properly handled
| by the skb_checksum_help function.
Which one is correct?
Reply to: