blob: fbcdac9797416ca5e8e02b5bb4089b4f04f3510a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Candidate: CVE-2006-0035
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad8e4b75c8a7bed475d72ce09bf5267188621961
Description:
Sanity check nlmsg_len during netlink_rcv_skb. An nlmsg_len == 0 can cause
infinite loop in kernel, effectively DoSing machine. Noted by Matin Murray.
Notes:
dannf> The vulnerable code doesn't exist in <= 2.6.8
Bugs:
upstream: released (2.6.15.1)
linux-2.6: released (2.6.15-3)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
|
