Bug#295948: marked as done (kernel-source-2.6.9: [CAN-2005-0449] skb_checksum_help DoS)

To: Horms <horms@debian.org>
Cc: Debian kernel team <debian-kernel@lists.debian.org>
Subject: Bug#295948: marked as done (kernel-source-2.6.9: [CAN-2005-0449] skb_checksum_help DoS)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 22 Mar 2005 03:03:57 -0800
Message-id: <[🔎] handler.295948.D295948.11114889385034.ackdone@bugs.debian.org>
In-reply-to: <20050322063300.GI24872@verge.net.au>
References: <20050322063300.GI24872@verge.net.au> <E1D26DK-0001wn-Rl@localhost>

Your message dated Tue, 22 Mar 2005 15:33:02 +0900
with message-id <20050322063300.GI24872@verge.net.au>
and subject line Bug#295948: kernel-source-2.6.9: [CAN-2005-0449] skb_checksum_help DoS
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 19 Feb 2005 09:45:16 +0000
>From djoume@taket.org Sat Feb 19 01:45:16 2005
Return-path: <djoume@taket.org>
Received: from krepost.taket.org (localhost) [82.233.235.217] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D2RAq-0006vH-00; Sat, 19 Feb 2005 01:45:16 -0800
Received: from djoume by localhost with local (Exim 4.44)
	id 1D26DK-0001wn-Rl; Fri, 18 Feb 2005 12:22:26 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Djoume SALVETTI <djoume@taket.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kernel-source-2.6.9: [CAN-2005-0449] skb_checksum_help DoS
X-Mailer: reportbug 3.7.1
Date: Fri, 18 Feb 2005 12:22:26 +0100
X-Debbugs-Cc: djoume@taket.org
Message-Id: <E1D26DK-0001wn-Rl@localhost>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-10.3 required=4.0 tests=BAYES_00,DATE_IN_PAST_12_24,
	HAS_PACKAGE,X_DEBBUGS_CC autolearn=ham 
	version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: kernel-source-2.6.9
Severity: normal


Good day,

>From CAN-2005-0449 :

| The netfilter/iptables module in Linux before 2.6.8.1 allows remote
| attackers to cause a denial of service (kernel crash) or bypass
| firewall rules via crafted packets, which are not properly handled by
| the skb_checksum_help function.

More info is available here :
http://oss.sgi.com/archives/netdev/2005-01/msg01036.html

I believe this CAN is bogus as 2.6.10 seems to be vulnerable.

A patch from Herbet Xu is available here :

http://oss.sgi.com/archives/netdev/2005-01/msg01072.html

Regards.



-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.9-rfb-swsusp
Locale: LANG=fr_FR@euro, LC_CTYPE=fr_FR@euro (charmap=ISO-8859-15)

---------------------------------------
Received: (at 295948-done) by bugs.debian.org; 22 Mar 2005 10:55:38 +0000
>From horms@koto.vergenet.net Tue Mar 22 02:55:38 2005
Return-path: <horms@koto.vergenet.net>
Received: from koto.vergenet.net [210.128.90.7] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DDh2w-0001HD-00; Tue, 22 Mar 2005 02:55:38 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
	id 71C5834030; Tue, 22 Mar 2005 19:32:29 +0900 (JST)
Date: Tue, 22 Mar 2005 15:33:02 +0900
From: Horms <horms@debian.org>
To: Djoume SALVETTI <djoume@taket.org>, 295948-done@bugs.debian.org
Subject: Re: Bug#295948: kernel-source-2.6.9: [CAN-2005-0449] skb_checksum_help DoS
Message-ID: <20050322063300.GI24872@verge.net.au>
References: <E1D26DK-0001wn-Rl@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E1D26DK-0001wn-Rl@localhost>
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: 295948-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.6 required=4.0 tests=BAYES_00,DATE_IN_PAST_03_06,
	HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

On Fri, Feb 18, 2005 at 12:22:26PM +0100, Djoume SALVETTI wrote:
> Package: kernel-source-2.6.9
> Severity: normal

This kernel is no longer present in the archive.
I am closing the bug accordingly.

-- 
Horms

Reply to:

Prev by Date: Bug#295947: marked as done (kernel-source-2.6.10: [CAN-2005-0449] skb_checksum_help DoS)
Next by Date: Re: NEW handling: About rejects, and kernels (Was: Re: NEW handling ...)
Previous by thread: Bug#295947: marked as done (kernel-source-2.6.10: [CAN-2005-0449] skb_checksum_help DoS)
Next by thread: 2.4.27 ABI Change for CAN-2005-0449
Index(es):
- Date
- Thread