[Expired for linux (Ubuntu) because there has been no activity for 60
days.]
** Changed in: linux (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1739765
Title:
xt_TCPMSS buffer overflow bug
Status in linux package in Ubuntu:
Expired
Bug description:
Bug was reported in LKML here: https://lkml.org/lkml/2017/4/2/13
In few words - corrupted packet might be used to modify memory at router who
has xt_TCPMSS used as iptables action.
This is really nasty bug, and can be triggered remotely by malicious person
on anything that usually use this iptables action (PPPoE/PPTP-enabled ISP or
VPN provider, for example).
This bug existed for several years, i guess.
I waited for a while since April, as it's already pushed to stable, and
probably all distributions have it updated, so now it's time to do bugreport,
to make sure it is really fixed everywhere.
Maybe worth to assign CVE for it?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
