| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BANLkTinNeK1KVv8L-+ySgG-nfhg1=eiUPg@mail.gmail.com> Date: Tue, 17 May 2011 09:31:28 +0200 From: Aristide Fattori <joystick@...urity.dico.unimi.it> To: Eric Dumazet <eric.dumazet@...il.com>, netdev@...r.kernel.org, roberto.paleari@...ze.net Subject: Re: Null pointer dereference in icmp_send Hi Eric, On Mon, May 16, 2011 at 11:38 PM, Eric Dumazet <eric.dumazet@...il.com> wrote: > Le lundi 16 mai 2011 à 23:27 +0200, Eric Dumazet a écrit : >> You forgot to tell us which linux version you used ? Sorry about that, we verified the bug in versions 2.6.38.3, 2.6.38.4 and 2.6.38.6, but we didn't check the svn version :-) > ... > But if a timeout occurs, we take first queued fragment to build one ICMP > TIME EXCEEDED message. Problem is all queued skb have weak dst pointers, > ... At a first glance, it appears we identified the same bug you already fixed. If you want to double check, we can send you the "long version report" that we submitted at first to security@...nel.org and david@...emloft.net. > It is scheduled for linux-2.6.38 stable tree as well Good job! :-) -- GnuPG Key on keyserver.pgp.com ID 0x25578128 http://security.dico.unimi.it/~joystick/ -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists