[CVE-2011-3347] [Oneiric] [PATCH 0/3] be2net packet handling allows possible DOS
Brad Figg
brad.figg at canonical.com
Wed Feb 15 15:33:25 UTC 2012
On 02/15/2012 01:22 AM, Stefan Bader wrote:
> On 15.02.2012 10:12, Andy Whitcroft wrote:
>> On Tue, Feb 14, 2012 at 01:20:05PM -0800, Brad Figg wrote:
>>> CVE-2011-3347
>>> Non-member VLAN (virtual LAN) packet handling for interfaces in
>>> promiscuous mode and also using the be2net driver could allow an attacker
>>> on the local network to cause a denial of service.
>>>
>>> Following this cover-letter are three patches which address this issue. Two
>>> of the three are straight cherry-picks from Linus' tree. The third is a very
>>> minor backport due to the driver having been moved within the kernel tree.
>>>
>>> Proposing for Oneiric master.
>>>
>>> Ajit Khaparde (1):
>>> be2net: move to new vlan model
>>>
>>> Jiri Pirko (1):
>>> benet: remove bogus "unlikely" on vlan check
>>>
>>> Sathya Perla (1):
>>> be2net: non-member vlan pkts not received in promiscous mode
>>>
>>> drivers/net/benet/be.h | 1 -
>>> drivers/net/benet/be_cmds.c | 6 ++++--
>>> drivers/net/benet/be_main.c | 41 ++++++++++++++++-------------------------
>>> 3 files changed, 20 insertions(+), 28 deletions(-)
>>
>> I see there are 4 commits listed in the tracker for this, I assume the
>> first is not actually necessary? Is that correct?
>>
>> -apw
>>
> And one other thing I like about the way Andy does it and confuses me here is:
> why only onerirc? Cause in the tracker there is natty marked as affected too.
>
> -Stefan
Because the natty is a larger backport effort where oneiric is mostly a simple
cherry pick. Is your preference to not patch any of the stable kernels until
we have patches ready for all of them?
--
Brad Figg brad.figg at canonical.com http://www.canonical.com
More information about the kernel-team
mailing list