
Re: Remote DoS vulnerability in Linux kernel 2.6.x (fwd)

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: Remote DoS vulnerability in Linux kernel 2.6.x (fwd)
From: Harald Welte <laforge@xxxxxxxxxxxxx>
Date: Thu, 1 Jul 2004 11:10:48 +0200
Cc: James Morris <jmorris@xxxxxxxxxx>, netfilter-devel@xxxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, arjanv@xxxxxxxxxx, kuznet@xxxxxxxxxxxxx
In-reply-to: <20040630144230.1d52864b.davem@xxxxxxxxxx>
Mail-followup-to: Harald Welte <laforge@xxxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxx>, James Morris <jmorris@xxxxxxxxxx>, netfilter-devel@xxxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, arjanv@xxxxxxxxxx, kuznet@xxxxxxxxxxxxx
References: <Xine.LNX.4.44.0406301423320.32212-100000@xxxxxxxxxxxxxxxxxxxxxxxx> <Xine.LNX.4.44.0406301507320.32316-100000@xxxxxxxxxxxxxxxxxxxxxxxx> <20040630144230.1d52864b.davem@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.5.1+cvs20040105i
On Wed, Jun 30, 2004 at 02:42:30PM -0700, David S. Miller wrote:
 
> This bug only came up because of the huge change Rusty and Harald did
> to make these modules not access the SKB header data directly, and
> instead to use local on-stack copies and skb_copy_bits().

A change we had to make in order not to assume a fully linearized packet
including the TCP header.

I suppose the trivial fix has already been pushed upstream...

Very unfortunate that vendors weren't informed in advance :(

-- 
- Harald Welte <laforge@xxxxxxxxxxxxx>             http://www.netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie
