| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20111113201336.GA1362@elgon.mountain> Date: Sun, 13 Nov 2011 23:13:36 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: stable@...r.kernel.org Cc: Greg Kroah-Hartman <greg@...ah.com>, netdev@...r.kernel.org, Zhu Yi <yi.zhu@...el.com>, Eric Dumazet <eric.dumazet@...il.com> Subject: [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large I'm still very new to this whole -stable business so please let me know if I do somethig wrong. This patch series is to address CVE-2010-4251 for the 2.6.32 stable kernel. Here is the CVE summary: "The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests." [patch 1/8] introduces sk_add_backlog_limited() [patch 2-7/8] change each network protocol to use sk_add_backlog_limited() where appropriate. [patch 8/8] renames sk_add_backlog() to __sk_add_backlog() and sk_add_backlog_limited() to sk_add_backlog(). The patches mostly apply without changes. The exception is: [patch 2/8] udp: use limited socket backlog Then the rename [patch 8/8] needed to be changed as well to match. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists