From: Dan Carpenter <dan.carpenter@oracle.com>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <greg@kroah.com>,
netdev@vger.kernel.org, Zhu Yi <yi.zhu@intel.com>,
Eric Dumazet <eric.dumazet@gmail.com>
Subject: [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large
Date: Sun, 13 Nov 2011 23:13:36 +0300 [thread overview]
Message-ID: <20111113201336.GA1362@elgon.mountain> (raw)
I'm still very new to this whole -stable business so please let me
know if I do somethig wrong.
This patch series is to address CVE-2010-4251 for the 2.6.32 stable
kernel. Here is the CVE summary:
"The socket implementation in net/core/sock.c in the Linux kernel
before 2.6.34 does not properly manage a backlog of received
packets, which allows remote attackers to cause a denial of service
(memory consumption) by sending a large amount of network traffic,
as demonstrated by netperf UDP tests."
[patch 1/8] introduces sk_add_backlog_limited()
[patch 2-7/8] change each network protocol to use sk_add_backlog_limited()
where appropriate.
[patch 8/8] renames sk_add_backlog() to __sk_add_backlog() and
sk_add_backlog_limited() to sk_add_backlog().
The patches mostly apply without changes. The exception is:
[patch 2/8] udp: use limited socket backlog
Then the rename [patch 8/8] needed to be changed as well to match.
regards,
dan carpenter
next reply other threads:[~2011-11-13 20:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-13 20:13 Dan Carpenter [this message]
2011-11-13 20:17 ` [patch 2/8 2.6.32] udp: use limited socket backlog Dan Carpenter
2011-11-13 20:18 ` [patch 3/8 2.6.32] x25: " Dan Carpenter
2011-11-13 20:18 ` [patch 4/8 2.6.32] sctp: " Dan Carpenter
2011-11-13 20:18 ` [patch 5/8 2.6.32] tipc: " Dan Carpenter
2011-11-13 20:19 ` [patch 6/8 2.6.32] tcp: " Dan Carpenter
2011-11-13 20:19 ` [patch 7/8 2.6.32] llc: " Dan Carpenter
2011-11-13 20:19 ` [patch 8/8 2.6.32] net: backlog functions rename Dan Carpenter
2011-11-13 20:58 ` [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large David Miller
2011-11-13 23:29 ` Ben Hutchings
2011-11-14 3:24 ` David Miller
2011-11-14 18:11 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111113201336.GA1362@elgon.mountain \
--to=dan.carpenter@oracle.com \
--cc=eric.dumazet@gmail.com \
--cc=greg@kroah.com \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=yi.zhu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.