blob: b656dac1bbf4270bd841f761d87dd90ec350dc9e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Candidate: CVE-2007-2242
References:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=010831ab8436dfd9304b203467566fb6b135c24f
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=9d08f139275450f9366d85ba09b9a2e09bb33766
Description:
The IPv6 protocol allows remote attackers to cause a denial of service via
crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network
amplification between two routers.
Ubuntu-Description:
A flaw was discovered in the IPv6 stack's handling of type 0 route headers.
By sending a specially crafted IPv6 packet, a remote attacker could cause
a denial of service between two IPv6 hosts.
Notes:
dannf> Some info from Vlad Yasevich:
<vlad> dannf: is someone including commits 010831ab8436dfd9304b203467566fb6b135c24f and 9d08f139275450f9366d85ba09b9a2e09bb33766 (IPv6 routing header changes) in the debian kernel?
...
<dannf> vlad: right, but (010831ab8436dfd9304b203467566fb6b135c24f) is security, so it'll be included in etch if necessary
<dannf> s/necessary/affected/
<vlad> dannf: you need the second one I listed as well, since the first one has a bug in it.
<dannf> vlad: oh, ok - thx
<vlad> dannf: although for the purposes of 2.6.18, the second one might be a no-op and the first one might need to be modified a bit.
jmm> Contacted Willy
dannf> functions are different, but 2.4 code looks similar
dannf> My 2.4 backport attempt causes a crash at boot time, ignoring for now
Bugs: 421595
upstream: released (2.6.21)
linux-2.6: released (2.6.21-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/ipv6-disallow-RH0-by-default.patch]
2.6.8-sarge-security: needed
2.4.27-sarge-security: ignored (2.4.27-10sarge6) "needs port"
2.6.15-dapper-security: released (2.6.15-29.58)
2.6.17-edgy-security: released (2.6.17.1-11.39) [fee89820efa8e3479b39149dcfb2b1bccdaadedc]
2.6.20-feisty-security: released (2.6.20-16.28)
|