[CVE-2011-1927] fragment storm vunerability
Andy Whitcroft
apw at canonical.com
Thu Jan 26 14:14:04 UTC 2012
CVE-2011-1927
In function icmp_send() (net/ipv4/icmp.c), the parameter passed
to dev_net() function is not properly validated. This can lead
to a NULL pointer dereference that crashes the kernel.
This issue was introduce in maverick, and fixes have hit natty and later
via mainline and stable. Following this email is a patch for maverick,
maverick/ti-omap4 and natty/ti-omap4. This patch is a simple cherry-pick
from mainline.
Proposing for maverick, maverick/ti-omap4 and natty/ti-omap4.
-apw
More information about the kernel-team
mailing list