[oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereference

From: Eugene Teo <eugene_at_nospam>
Date: Wed Feb 16 2011 - 08:31:29 GMT
To: oss-security@lists.openwall.com

"Somewhere along the line the NULL check in br_mdb_ip_get went AWOL,
causing crashes when we receive an IGMP packet with no multicast table
allocated.

This patch restores it and ensures all br_mdb_*_get functions use it."

http://git.kernel.org/linus/7f285fa78d4b81b8458f05e77fb6b46245121b4e

Did a quick check: net/bridge/br_multicast.c was introduced in eb1d1641
(2.6.34-rc1), the check was removed in 8ef2a9a5 (v2.6.35-rc1), and
subsequently restored in 7f285fa78d (v2.6.35-rc5).

Thanks, Eugene

This message: [ Message body ]
Next message: Pierre Joye: "[oss-security] Re: PHP Exif 64bit Casting Vulnerability, CVE request"
Previous message: Pierre Joye: "[oss-security] PHP Exif 64bit Casting Vulnerability, CVE request"
Next in thread: Josh Bressers: "Re: [oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereference"
Reply: Josh Bressers: "Re: [oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereference"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]