From: Dan Carpenter <dan.carpenter@oracle.com>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <greg@kroah.com>,
netdev@vger.kernel.org, Zhu Yi <yi.zhu@intel.com>,
Eric Dumazet <eric.dumazet@gmail.com>
Subject: [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large
Date: Sun, 13 Nov 2011 23:13:36 +0300 [thread overview]
Message-ID: <20111113201336.GA1362@elgon.mountain> (raw)
I'm still very new to this whole -stable business so please let me
know if I do somethig wrong.
This patch series is to address CVE-2010-4251 for the 2.6.32 stable
kernel. Here is the CVE summary:
"The socket implementation in net/core/sock.c in the Linux kernel
before 2.6.34 does not properly manage a backlog of received
packets, which allows remote attackers to cause a denial of service
(memory consumption) by sending a large amount of network traffic,
as demonstrated by netperf UDP tests."
[patch 1/8] introduces sk_add_backlog_limited()
[patch 2-7/8] change each network protocol to use sk_add_backlog_limited()
where appropriate.
[patch 8/8] renames sk_add_backlog() to __sk_add_backlog() and
sk_add_backlog_limited() to sk_add_backlog().
The patches mostly apply without changes. The exception is:
[patch 2/8] udp: use limited socket backlog
Then the rename [patch 8/8] needed to be changed as well to match.
regards,
dan carpenter
next reply other threads:[~2011-11-13 20:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-13 20:13 Dan Carpenter [this message]
2011-11-13 20:17 ` [patch 2/8 2.6.32] udp: use limited socket backlog Dan Carpenter
2011-11-13 20:18 ` [patch 3/8 2.6.32] x25: " Dan Carpenter
2011-11-13 20:18 ` [patch 4/8 2.6.32] sctp: " Dan Carpenter
2011-11-13 20:18 ` [patch 5/8 2.6.32] tipc: " Dan Carpenter
2011-11-13 20:19 ` [patch 6/8 2.6.32] tcp: " Dan Carpenter
2011-11-13 20:19 ` [patch 7/8 2.6.32] llc: " Dan Carpenter
2011-11-13 20:19 ` [patch 8/8 2.6.32] net: backlog functions rename Dan Carpenter
2011-11-13 20:58 ` [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large David Miller
2011-11-13 23:29 ` Ben Hutchings
2011-11-14 3:24 ` David Miller
2011-11-14 18:11 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111113201336.GA1362@elgon.mountain \
--to=dan.carpenter@oracle.com \
--cc=eric.dumazet@gmail.com \
--cc=greg@kroah.com \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=yi.zhu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).