[kernel] r6749 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon May 29 03:55:17 UTC 2006
Author: dannf
Date: Mon May 29 03:55:17 2006
New Revision: 6749
Modified:
patch-tracking/CVE-2006-2274
Log:
updated info
Modified: patch-tracking/CVE-2006-2274
==============================================================================
--- patch-tracking/CVE-2006-2274 (original)
+++ patch-tracking/CVE-2006-2274 Mon May 29 03:55:17 2006
@@ -1,16 +1,26 @@
Candidate: CVE-2006-2274
References:
+ CONFIRM:http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=672e7cca17ed6036a1756ed34cf20dbd72d5e5f6
+ URL:http://www.securityfocus.com/bid/17955
+ URL:http://secunia.com/advisories/20237
+ URL:http://xforce.iss.net/xforce/xfdb/26432
Description:
+ Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial
+ of service (infinite recursion and crash) via a packet that contains two or
+ more DATA fragments, which causes an skb pointer to refer back to itself when
+ the full message is reassembled, leading to infinite recursion in the
+ sctp_skb_pull function.
Notes:
+ dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16.15)
-linux-2.6:
+linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: pending (2.6.8-16sarge3)
2.4.27-sarge-security: pending (2.4.27-10sarge3)
2.4.27:
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list