| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20061214.155717.94073310.davem@davemloft.net> Date: Thu, 14 Dec 2006 15:57:17 -0800 (PST) From: David Miller <davem@...emloft.net> To: mchan@...adcom.com Cc: agospoda@...hat.com, netdev@...r.kernel.org, cjk@...hma.com Subject: Re: [PATCH 1/3][BNX2]: Fix panic in bnx2_tx_int(). From: "Michael Chan" <mchan@...adcom.com> Date: Wed, 13 Dec 2006 18:30:33 -0800 > [BNX2]: Fix panic in bnx2_tx_int(). > > There was an off-by-one bug in bnx2_tx_avail(). If the tx ring is > completely full, the producer and consumer indices may be apart by > 256 even though the ring size is only 255. One entry in the ring is > unused and must be properly accounted for when calculating the number > of available entries. The bug caused the tx ring entries to be > reused by mistake, overwriting active entries, and ultimately causing > it to crash. > > This bug rarely occurs because the tx ring is rarely completely full. > We always stop when there is less than MAX_SKB_FRAGS entries available > in the ring. > > Thanks to Corey Kovacs <cjk@...hma.com> and Andy Gospodarek > <agospoda@...hat.com> for reporting the problem and helping to collect > debug information. > > Signed-off-by: Michael Chan <mchan@...adcom.com> Applied, thanks. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists