r4475 - people/micah
Dann Frazier
dannf at costa.debian.org
Sun Oct 16 15:42:36 UTC 2005
Author: dannf
Date: 2005-10-16 15:42:36 +0000 (Sun, 16 Oct 2005)
New Revision: 4475
Modified:
people/micah/pending_CVE_requests
Log:
cleanup wording
Modified: people/micah/pending_CVE_requests
===================================================================
--- people/micah/pending_CVE_requests 2005-10-16 09:58:51 UTC (rev 4474)
+++ people/micah/pending_CVE_requests 2005-10-16 15:42:36 UTC (rev 4475)
@@ -117,10 +117,10 @@
TODO: how is this a security issue?
dannf> I'm not positive it is; but if it is, this description should do.
Draft CVE Text:
-A potential memory corruption exists in the NAT code in Linux 2.6 kernels prior to 2.6.13. The portptr
+A potential memory corruption bug exists in the NAT code in Linux 2.6 kernels prior to 2.6.13. The portptr
pointing to the port in the conntrack tuple is declared static, which could result in memory corruption when
two packets of the same protocol are NATed at the same time and one conntrack goes away. A malicious machine
-on the same network could potential use this to initiate a DoS attack.
+on the same network could potentially use this to initiate a DoS attack.
* netfilter-ip_conntrack_untracked-refcount.dpatch
TODO: CVE text (how is this a security issue?)
More information about the Kernel-svn-changes
mailing list