[Bug 1037456] [NEW] CVE-2012-3412

Thu, 16 Aug 2012 01:25:58 -0700 

*** This bug is a security vulnerability ***

Public security bug reported:

A peer (or local user) may cause TCP to use a nominal MSS of as little
as 88 (actual MSS of 76 with timestamps).  Given that we have a
sufficiently prodigious local sender and the peer ACKs quickly enough,
it is nevertheless possible to grow the window for such a connection to
the point that we will try to send just under 64K at once.  This results
in a single skb that expands to 861 segments. In the sfc driver, such an
skb will require hundreds of DMA descriptors; a substantial fraction of
a TX ring or even more than a full ring.  The TX queue selected for the
skb may stall and trigger the TX watchdog repeatedly (since the problem
skb will be retried after the TX reset).

Break-Fix: - 30b678d844af3305cda5953467005cebb5d7b687
Break-Fix: - 7e6d06f0de3f74ca929441add094518ae332257c
Break-Fix: - 1485348d2424e1131ea42efc033cbd9366462b01

** Affects: linux (Ubuntu)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu)
     Importance: Low
         Status: New

** Affects: linux-ec2 (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Lucid)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Lucid)
     Importance: Low
         Status: Invalid

** Affects: linux-ec2 (Ubuntu Lucid)
     Importance: Low
         Status: New

** Affects: linux-fsl-imx51 (Ubuntu Lucid)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Lucid)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Lucid)
     Importance: Low
         Status: New

** Affects: linux-lts-backport-oneiric (Ubuntu Lucid)
     Importance: Low
         Status: New

** Affects: linux-mvl-dove (Ubuntu Lucid)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Lucid)
     Importance: Low
         Status: Invalid

** Affects: linux (Ubuntu Natty)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-ec2 (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu Natty)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Natty)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Oneiric)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-ec2 (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu Oneiric)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Oneiric)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Precise)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Precise)
     Importance: Low
         Status: New

** Affects: linux-ec2 (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu Precise)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Precise)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Quantal)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Quantal)
     Importance: Low
         Status: New

** Affects: linux-ec2 (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu Quantal)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Quantal)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Hardy)
     Importance: Low
         Status: New

** Affects: linux-armadaxp (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-ec2 (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-fsl-imx51 (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-maverick (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-natty (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-lts-backport-oneiric (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-mvl-dove (Ubuntu Hardy)
     Importance: Low
         Status: Invalid

** Affects: linux-ti-omap4 (Ubuntu Hardy)
     Importance: Low
         Status: Invalid


** Tags: kernel-cve-tracking-bug

** Tags added: kernel-cve-tracking-bug

** This bug has been flagged as a security vulnerability

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3412

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1037456

Title:
  CVE-2012-3412

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1037456/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to