[CVE-2011-4087] Multiple remote denial of service in Linux bridge

Tim Gardner tim.gardner at canonical.com
Mon Nov 21 13:40:07 UTC 2011


On 11/21/2011 05:14 AM, Andy Whitcroft wrote:
> CVE-2011-4087
> 	Scot Doyle discovered that the bridge networking interface
> 	incorrectly handled certain network packets. A remote attacker
> 	could exploit this to crash the system, leading to a denial
> 	of service.
>
> Fixes for this issue have hit natty and later via mainline and stable.
> Releases prior to natty are not affected.  Following this email is the
> one remaining patch required for natty/ti-omap4, this is a direct
> cherry-pick of the upstream backport on natty/master.
>
> Proposing for natty/ti-omap4.
>
> -apw
>

Is this the right description? The patch appears to have nothing to do 
with bridge code.

rtg
-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list