[FEISTY]: [PATCH] Denial of Service security fix from stable kernel 2.6.20.8

Ben Collins ben.collins at ubuntu.com
Thu May 3 15:02:22 UTC 2007


On Thu, 2007-05-03 at 13:57 +0100, Phillip Lougher wrote:
> >From d34a455146373a45238053c03b290e984224e0f6 Mon Sep 17 00:00:00 2001
> From: Alexey Kuznetsov <kuznet at ms2.inr.ac.ru>
> Date: Wed, 25 Apr 2007 20:59:03 +0000
> Subject: [PATCH] (Denial of Service security fix from stable kernel 2.6.20.8)
> 
> [PATCH] NETLINK: Infinite recursion in netlink.
> 
> [NETLINK]: Infinite recursion in netlink.
> 
> Reply to NETLINK_FIB_LOOKUP messages were misrouted back to kernel,
> which resulted in infinite recursion and stack overflow.
> 
> The bug is present in all kernel versions since the feature appeared.
> 
> The patch also makes some minimal cleanup:
> 
> 1. Return something consistent (-ENOENT) when fib table is missing
> 2. Do not crash when queue is empty (does not happen, but yet)
> 3. Put result of lookup
> 
> Signed-off-by: Alexey Kuznetsov <kuznet at ms2.inr.ac.ru>
> Signed-off-by: David S. Miller <davem at davemloft.net>
> Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>

ACK

-- 
Ubuntu:    http://www.ubuntu.com/
Linux1394: http://www.linux1394.org/





More information about the kernel-team mailing list