diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2010-12-12 11:56:40 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-12-12 11:56:40 +0000 |
commit | 851360b91d5eeb8eee45fef3840b704a2972ff61 (patch) | |
tree | 9e5b3562205d264f3beeee78c311285f68080b7e /retired/CVE-2010-3432 | |
parent | 5b3db58ba24b67a0b5c4fade62fe1a508617a467 (diff) |
retire more issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2084 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2010-3432')
-rw-r--r-- | retired/CVE-2010-3432 | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2010-3432 b/retired/CVE-2010-3432 new file mode 100644 index 00000000..98a23fc0 --- /dev/null +++ b/retired/CVE-2010-3432 @@ -0,0 +1,15 @@ +Candidate: CVE-2010-3432 +Description: + sctp_packet_config() is called when getting the packet ready for appending of + chunks. The function should not touch the current state, since it's possible + to ping-pong between two transports when sending, and that can result packet + corruption followed by skb overlfow crash. +References: + 4bdab43323b459900578b200a4b8cf9713ac8fab +Notes: +Bugs: +upstream: released (2.6.36-rc5) +2.6.32-upstream-stable: released (2.6.32.23) +linux-2.6: released (2.6.32-24) +2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/sctp-do-not-reset-the-packet-during-sctp_packet_config.patch] +2.6.32-squeeze-security: released (2.6.32-24) |