* Unspecified remote crash in the IP forwarding path (2.6 only)
@ 2005-02-15 10:07 Florian Weimer
0 siblings, 0 replies; only message in thread
From: Florian Weimer @ 2005-02-15 10:07 UTC (permalink / raw)
To: linux-kernel
Ubuntu Security Notice USN-82-1 mentions a remote crash in the IP
forwarding path. Quote from the Ubuntu security advisory (apparently,
no CVE name has been assigned so far):
| http://oss.sgi.com/archives/netdev/2005-01/msg01036.html:
|
| David Coulson noticed a design flaw in the netfilter/iptables module.
| By sending specially crafted packets, a remote attacker could exploit
| this to crash the kernel or to bypass firewall rules.
|
| Fixing this vulnerability required a change in the Application
| Binary Interface (ABI) of the kernel. This means that third party
| user installed modules might not work any more with the new kernel,
| so this fixed kernel has a new ABI version number. You have to
| recompile and reinstall all third party modules.
I'm not sure if the referenced patch is the correct one, it seems to
have bugs. Does anybody know the exact impact of this vulnerability?
The thread mostly deals with a crash due to an issue in the IP
fragmentation code. I fail to see how it's related to the netfilter
code.
(What happened to the new security process, by the way?)
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-02-15 10:07 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-02-15 10:07 Unspecified remote crash in the IP forwarding path (2.6 only) Florian Weimer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox