Bug#321401: CAN-2005-2456: Array index overflow in xfrm code

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#321401: CAN-2005-2456: Array index overflow in xfrm code
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Fri, 05 Aug 2005 11:27:26 +0200
Message-id: <[🔎] E1E0yUA-0001bc-Uq@localhost.localdomain>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 321401@bugs.debian.org

Package: linux-2.6
Severity: important
Tags: security patch

An overflow in sock->sk_policy could possibly be exploited as DoS or
potential execution of arbitrary code. Please see
http://www.mail-archive.com/netdev@vger.kernel.org/msg00520.html
for details. A fix has been comitted into the git repo, please see
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a4f1bac62564049ea4718c4624b0fadc9f597c84

This has been assigned CAN-2005-2456.

Cheers,
        Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Reply to:

Follow-Ups:
- Bug#321401: CAN-2005-2456: Array index overflow in xfrm code
  - From: Horms <horms@debian.org>
- Bug#321401: marked as done (CAN-2005-2456: Array index overflow in xfrm code)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Sarge with HP LH6000
Next by Date: Bug#321403: 8139too network driver won't work with my card (it did with 2.6.8)
Previous by thread: Sarge with HP LH6000
Next by thread: Bug#321401: CAN-2005-2456: Array index overflow in xfrm code
Index(es):
- Date
- Thread