r4476 - people/micah
Dann Frazier
dannf at costa.debian.org
Sun Oct 16 15:58:35 UTC 2005
Author: dannf
Date: 2005-10-16 15:58:34 +0000 (Sun, 16 Oct 2005)
New Revision: 4476
Modified:
people/micah/pending_CVE_requests
Log:
text cleanups
Modified: people/micah/pending_CVE_requests
===================================================================
--- people/micah/pending_CVE_requests 2005-10-16 15:42:36 UTC (rev 4475)
+++ people/micah/pending_CVE_requests 2005-10-16 15:58:34 UTC (rev 4476)
@@ -72,8 +72,8 @@
Detaching a USB keyboard in Linux 2.6 kernels prior to 2.6.12 may trigger an oops and leave the keyboard
unusable until a reboot.
- * net-ipv4-ipvs-conn_tab-race.dpatch
- [Security] Fix race condition on ip_vs_conn_tab list modification
+* net-ipv4-ipvs-conn_tab-race.dpatch
+[Security] Fix race condition on ip_vs_conn_tab list modification
Draft CVE text:
A race condition resulting in a potential DoS was discovered in
ip_vs_conn_flush in 2.6 kernels earlier than 2.6.13 and 2.4 kernels
@@ -117,10 +117,10 @@
TODO: how is this a security issue?
dannf> I'm not positive it is; but if it is, this description should do.
Draft CVE Text:
-A potential memory corruption bug exists in the NAT code in Linux 2.6 kernels prior to 2.6.13. The portptr
-pointing to the port in the conntrack tuple is declared static, which could result in memory corruption when
-two packets of the same protocol are NATed at the same time and one conntrack goes away. A malicious machine
-on the same network could potentially use this to initiate a DoS attack.
+A potential memory corruption bug exists in the NAT code in Linux kernels prior to 2.6.13 and 2.4.32-rc1.
+The portptr pointing to the port in the conntrack tuple is declared static, which could result in memory
+corruption when two packets of the same protocol are NATed at the same time and one conntrack goes away. A
+malicious machine on the same network could potentially use this to initiate a DoS attack.
* netfilter-ip_conntrack_untracked-refcount.dpatch
TODO: CVE text (how is this a security issue?)
More information about the Kernel-svn-changes
mailing list