[FEISTY] CVE-2007-1388: [PATCH] [IPV6]: Fix for ipv6_setsockopt NULL dereference

Ben Collins ben.collins at ubuntu.com
Thu May 3 14:57:30 UTC 2007


On Wed, 2007-05-02 at 00:50 +0100, Phillip lougher wrote:
> >From 7464e88aa8e5444192fe5dd7d52227aa2e6cf582 Mon Sep 17 00:00:00 2001
> From: Olaf Kirch <olaf.kirch at oracle.com>
> Date: Fri, 9 Mar 2007 23:03:53 -0800
> Subject: [PATCH] [IPV6]: Fix for ipv6_setsockopt NULL dereference (CVE-2007-1388)
> 
>  Gabriel Campana discovered that the do_ipv6_setsockopt() function did
>  not sufficiently verifiy option values for IPV6_RTHDR. A local
>  attacker could exploit this to trigger a kernel crash.
> 
> Signed-off-by: Olaf Kirch <olaf.kirch at oracle.com>
> Signed-off-by: David S. Miller <davem at davemloft.net>
> Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>

ACK

-- 
Ubuntu:    http://www.ubuntu.com/
Linux1394: http://www.linux1394.org/





More information about the kernel-team mailing list