[kernel-sec-discuss] r1973 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Sep 27 09:38:48 UTC 2010
Author: jmm
Date: 2010-09-27 09:38:41 +0000 (Mon, 27 Sep 2010)
New Revision: 1973
Added:
active/CVE-2010-3432
Log:
new issue
Added: active/CVE-2010-3432
===================================================================
--- active/CVE-2010-3432 (rev 0)
+++ active/CVE-2010-3432 2010-09-27 09:38:41 UTC (rev 1973)
@@ -0,0 +1,15 @@
+Candidate: CVE-2010-3432
+Description:
+ sctp_packet_config() is called when getting the packet ready for appending of
+ chunks. The function should not touch the current state, since it's possible
+ to ping-pong between two transports when sending, and that can result packet
+ corruption followed by skb overlfow crash.
+References:
+ 4bdab43323b459900578b200a4b8cf9713ac8fab
+Notes:
+Bugs:
+upstream:
+2.6.32-upstream-stable: released (2.6.32.23)
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
More information about the kernel-sec-discuss
mailing list