public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Florian Weimer <fw@deneb.enyo.de>
To: linux-kernel@vger.kernel.org
Subject: Unspecified remote crash in the IP forwarding path (2.6 only)
Date: Tue, 15 Feb 2005 11:07:15 +0100	[thread overview]
Message-ID: <87d5v2gmr0.fsf@deneb.enyo.de> (raw)

Ubuntu Security Notice USN-82-1 mentions a remote crash in the IP
forwarding path. Quote from the Ubuntu security advisory (apparently,
no CVE name has been assigned so far):

| http://oss.sgi.com/archives/netdev/2005-01/msg01036.html:
| 
|   David Coulson noticed a design flaw in the netfilter/iptables module.
|   By sending specially crafted packets, a remote attacker could exploit
|   this to crash the kernel or to bypass firewall rules.
| 
|   Fixing this vulnerability required a change in the Application
|   Binary Interface (ABI) of the kernel. This means that third party
|   user installed modules might not work any more with the new kernel,
|   so this fixed kernel has a new ABI version number. You have to
|   recompile and reinstall all third party modules.

I'm not sure if the referenced patch is the correct one, it seems to
have bugs.  Does anybody know the exact impact of this vulnerability?
The thread mostly deals with a crash due to an issue in the IP
fragmentation code.  I fail to see how it's related to the netfilter
code.

(What happened to the new security process, by the way?)

                 reply	other threads:[~2005-02-15 10:07 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87d5v2gmr0.fsf@deneb.enyo.de \
    --to=fw@deneb.enyo.de \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox