| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Sep 2010 12:37:39 -0700 From: Greg KH <greg@...ah.com> To: David Miller <davem@...emloft.net> Cc: dreibh@....uni-due.de, akpm@...ux-foundation.org, vladislav.yasevich@...com, netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org, martin.becke@...-due.de, linux-sctp@...r.kernel.org, stable@...nel.org, sri@...ibm.com Subject: Re: [stable] [Bugme-new] [Bug 18592] New: Remote/local Denial of Service vulnerability in SCTP packet/chunk handling On Thu, Sep 23, 2010 at 12:21:55PM -0700, David Miller wrote: > From: Greg KH <greg@...ah.com> > Date: Thu, 23 Sep 2010 11:05:15 -0700 > > > On Sat, Sep 18, 2010 at 04:11:03PM +0200, Thomas Dreibholz wrote: > >> Vlad's patch solves the problem. I hope this patch can go into the mailine > >> kernel soon, in order to get distribution kernels fixed as soon as possible. It > >> is relatively easy to trigger the denial of service problem, making all > >> systems providing SCTP-based services vulnerable to a remote DoS attack. > >> > >> I have also been able to reproduce the problem with kernel 2.6.32, i.e. at > >> least all kernels from 2.6.32 to 2.6.36 are affected. > > > > Is this in Linus's tree now? If so, does anyone have the git commit id? > > Should be: 4bdab43323b459900578b200a4b8cf9713ac8fab Wonderful, now queued up. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists