blob: 2825deccde842aeba8ebe63c06fbf1e3676aad20 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Candidate: CVE-2008-5713
Description:
The __qdisc_run function in net/sched/sch_generic.c in the Linux
kernel before 2.6.25 on SMP machines allows local users to cause a
denial of service (soft lockup) by sending a large amount of network
traffic, as demonstrated by multiple simultaneous invocations of the
Netperf benchmark application in UDP_STREAM mode.
References:
http://openwall.com/lists/oss-security/2008/12/23/1
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=2ba2506ca7ca62c56edaa334b0fe61eb5eab6ab0
https://bugzilla.redhat.com/show_bug.cgi?id=477744
https://bugzilla.redhat.com/attachment.cgi?id=327745
http://www.securityfocus.com/bid/32985
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.24.5, 2.6.25-rc9) [2ba2506ca7ca62c56edaa334b0fe61eb5eab6ab0]
linux-2.6: released (2.6.25-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-24etch1) [bugfix/all/net-add-preempt-point-in-qdisc_run.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.1) [bugfix/all/stable/2.6.24.5.patch]
2.6.26-lenny-security: N/A
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security:
|
