Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 09 Dec 2010 13:38:28 +0800
From: Eugene Teo <>
CC: Nelson Elhage <>
Subject: Re: CVE request: kernel: NULL pointer dereference

On 12/09/2010 11:27 AM, Nelson Elhage wrote:
> The Linux implementation of ACORN networking over UDP does not
> properly look up the device an incoming packet was received on,
> potentially resulting in a denial of service (NULL pointer
> dereference).
> This is remotely triggerable if the econet module is loaded, but
> realistically the only reason is likely to have it loaded is because
> they're trying to run an exploit.
> Reference:

Proposed patch:

Please use CVE-2010-4342.

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ