[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#529342: linux-2.6: ipv6 potential denial-of-service



Package: linux-2.6
Version: 2.6.26
Severity: important
Tags: security patch

Hi,

The following CVE (Common Vulnerabilities & Exposures) id was
published for linux-2.6.

CVE-2009-1360[0]:
| The __inet6_check_established function in net/ipv6/inet6_hashtables.c
| in the Linux kernel before 2.6.29, when Network Namespace Support (aka
| NET_NS) is enabled, allows remote attackers to cause a denial of
| service (NULL pointer dereference and system crash) via vectors
| involving IPv6 packets.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Note that the kernel changelog says that this vulnerability was
introduced in 2.6.27; however, I've checked and found that the 2.6.26
code is identical to vulnerable 2.6.27 code.  Hence, it is my
assessment that 2.6.26 is affected as well.

Note also that etch-and-a-half (2.6.24) is likely affected as well, but
I have not checked this.

Since this is just a denial-of-service, it is of low severity/urgency.

Patches are available [1] and more info [2].

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1360
    http://security-tracker.debian.net/tracker/CVE-2009-1360
[1]
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3f53a38131a4e7a053c0aa060aba0411242fb6b9;hp=0c9a3aaaf30e1d1994de58c554ef97a719e20892
[2]
http://xorl.wordpress.com/2009/04/21/linux-kernel-net_ns-ipv6-null-pointer-dereference/



Reply to: