[CVE-2011-2699] ipv6: make fragment identifications less predictable
Andy Whitcroft
apw at canonical.com
Tue Aug 23 14:58:27 UTC 2011
CVE-2011-2699
Fernando Gont discovered that the IPv6 stack used predictable
fragment identification numbers. A remote attacker could exploit
this to exhaust network resources, leading to a denial of service.
Fixes for this have hit Oneiric and P via mainline and stable updates.
Following this email are patches for natty, natty/ti-omap4, maverick,
maverick/ti-omap4, lucid, lucid/fsl-imx51, and hardy. These are all
relatively minor backports, though there are variations as we roll
backwards.
As there are currently no security tests for these, and because they
only affect a very tiny fragmentation case, they are hard to actually test.
These have only been compile tested. They have been reviewed by eye and
appear sensible in context.
Proposing for natty, natty/ti-omap4, maverick, maverick/ti-omap4, lucid,
lucid/fsl-imx51, and hardy.
-apw