APPLIED: [CVE-2011-1927] fragment storm vunerability
Tim Gardner
rtg.canonical at gmail.com
Thu Jan 26 14:56:49 UTC 2012
On 01/26/2012 07:14 AM, Andy Whitcroft wrote:
> CVE-2011-1927
> In function icmp_send() (net/ipv4/icmp.c), the parameter passed
> to dev_net() function is not properly validated. This can lead
> to a NULL pointer dereference that crashes the kernel.
>
> This issue was introduce in maverick, and fixes have hit natty and later
> via mainline and stable. Following this email is a patch for maverick,
> maverick/ti-omap4 and natty/ti-omap4. This patch is a simple cherry-pick
> from mainline.
>
> Proposing for maverick, maverick/ti-omap4 and natty/ti-omap4.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list