On Fri, Aug 05, 2005 at 06:58:12PM +0900, Horms wrote: > On Fri, Aug 05, 2005 at 11:27:26AM +0200, Moritz Muehlenhoff wrote: > > Package: linux-2.6 > > Severity: important > > Tags: security patch > > > > An overflow in sock->sk_policy could possibly be exploited as DoS or > > potential execution of arbitrary code. Please see > > http://www.mail-archive.com/netdev@vger.kernel.org/msg00520.html > > for details. A fix has been comitted into the git repo, please see > > http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a4f1bac62564049ea4718c4624b0fadc9f597c84 > > > > This has been assigned CAN-2005-2456. > > Thanks, for Sarge 2.6.8 appears to be vulnerable, > and 2.4.27 does not. I have applied the patch into > SVN for 2.6.8.
Correction, 2.4.27 does seem vulnerable, I am fixing it now. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
