APPLIED: [CVE-2011-2534] netfilter: ipt_CLUSTERIP: fix buffer overflow
Tim Gardner
tim.gardner at canonical.com
Thu Jul 7 13:23:36 UTC 2011
On 07/07/2011 03:28 AM, Andy Whitcroft wrote:
> CVE-2011-2534
> Buffer overflow in the clusterip_proc_write function in
> net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before
> 2.6.39 might allow local users to cause a denial of service or
> have unspecified other impact via a crafted write operation,
> related to string data that lacks a terminating '\0' character.
>
> This bug has already been fixed via mainline and stable for the latest
> releases, or by Paolo for the ARM branches. Hardy is the only release
> still affected. Following this email is a patch for Hardy which is a
> clean cherry-pick from upstream.
>
> Proposing for SRU to hardy.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list