oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: [oss-security] CVE request - kernel: bridge br_mul

[oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereference

From: Eugene Teo <eugene_at_nospam>
Date: Wed Feb 16 2011 - 08:31:29 GMT
To: oss-security@lists.openwall.com

"Somewhere along the line the NULL check in br_mdb_ip_get went AWOL,
causing crashes when we receive an IGMP packet with no multicast table
allocated.

This patch restores it and ensures all br_mdb_*_get functions use it."

http://git.kernel.org/linus/7f285fa78d4b81b8458f05e77fb6b46245121b4e

Did a quick check: net/bridge/br_multicast.c was introduced in eb1d1641
(2.6.34-rc1), the check was removed in 8ef2a9a5 (v2.6.35-rc1), and
subsequently restored in 7f285fa78d (v2.6.35-rc5).

Thanks, Eugene