[kernel] r5412 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Jan 11 22:45:33 UTC 2006
Author: jmm-guest
Date: Wed Jan 11 22:45:30 2006
New Revision: 5412
Added:
patch-tracking/CVE-2006-0037
Log:
another netfilter dos
Added: patch-tracking/CVE-2006-0037
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2006-0037 Wed Jan 11 22:45:30 2006
@@ -0,0 +1,22 @@
+Candidate: CVE-2006-0037
+References: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=03b9feca89366952ae5dfe4ad8107b1ece50b710
+Description:
+ The PPTP NAT helper calculates the offset at which the packet needs
+ to be mangled as difference between two pointers to the header. With
+ non-linear skbs however the pointers may point to two seperate buffers
+ on the stack and the calculation results in a wrong offset beeing
+ used.
+Notes:
+ jmm> The vulnerable code isn't present in 2.4 and 2.6.8
+Bugs:
+upstream:
+linux-2.6: needed
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.4.27: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list