| To: | "David S. Miller" <davem@xxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: skb_checksum_help |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Mon, 24 Jan 2005 15:56:35 +1100 |
| Cc: | tgraf@xxxxxxx, kaber@xxxxxxxxx, david@xxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <20050123202715.281ac87c.davem@xxxxxxxxxxxxx> |
| References: | <20050124005348.GL23931@xxxxxxxxxxxxxx> <E1Cst4o-0007bD-00@xxxxxxxxxxxxxxxxxxxxxxxx> <20050123202715.281ac87c.davem@xxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.6+20040722i |
On Sun, Jan 23, 2005 at 08:27:15PM -0800, David S. Miller wrote: > > My current guess is that this is some successful exploit > of some as-yet-unknown issue in netfilter's fragmentation > handling. But that's just a guess. If some code underruns > skb->data somehow while unfragging/refragging, that's a sure > fire way to corrupt things such as the skb->ip_summed field. Another possibility is some bogus netfilter module that the reporter is using. His backtrace was showing an ipq_kill which isn't in the main tree. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: skb_checksum_help, Patrick McHardy |
|---|---|
| Next by Date: | Re: skb_checksum_help, Patrick McHardy |
| Previous by Thread: | Re: skb_checksum_help, Patrick McHardy |
| Next by Thread: | Re: skb_checksum_help, Patrick McHardy |
| Indexes: | [Date] [Thread] [Top] [All Lists] |