[CVE-2011-1748] can: add missing socket check in can/raw release
Andy Whitcroft
apw at canonical.com
Thu May 26 16:07:34 UTC 2011
CVE-2011-1748
The raw_release function in net/can/raw.c in the Linux kernel
before 2.6.39-rc6 does not properly validate a socket data
structure, which allows local users to cause a denial of service
(NULL pointer dereference) or possibly have unspecified other
impact via a crafted release operation.
The fix for this issue is already applied to Oneiric, Natty, and Lucid
arriving via mainline/stable updates. Neither of Hardy or Dapper
contain the affected protocol. Following this email is a patch for
Maverick cherry-picked from mainline.
Proposing for Maverick.
-apw
More information about the kernel-team
mailing list