Bug#304548: CAN-2005-1041: DoS vulnerability in fib_seq_start()

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#304548: CAN-2005-1041: DoS vulnerability in fib_seq_start()
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 14 Apr 2005 00:22:32 +0200
Message-id: <[🔎] E1DLqFl-0002fJ-RI@localhost.localdomain>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 304548@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: important
Tags: security

CAN-2005-1041 describes a DoS vulnerability inside the fib_seq_start function of
fib_hash.c that permits local users to crash the kernel via /proc/net/route.

Patch is available at:
http://marc.theaimsgroup.com/?l=bk-commits-head&m=111186506706769&w=2 

Cheers,
        Moritz

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Versions of packages kernel-source-2.6.8 depends on:
ii  binutils                      2.15-5     The GNU assembler, linker and bina
ii  bzip2                         1.0.2-5    high-quality block-sorting file co
ii  coreutils [fileutils]         5.2.1-2    The GNU core utilities

Reply to:

Prev by Date: Bug#303550: kernel-image-2.6.11-1-686: irq11 makes eth0 problems
Next by Date: Processing of kernel-image-2.6.11-ia64_2.6.11-1_ia64.changes
Previous by thread: Bug#276477:
Next by thread: Processing of kernel-image-2.6.11-ia64_2.6.11-1_ia64.changes
Index(es):
- Date
- Thread