|
Message-Id: <20161014071750.E195342E060@smtpvbsrv1.mitre.org> Date: Fri, 14 Oct 2016 03:17:50 -0400 (EDT) From: cve-assign@...re.org To: meissner@...e.de Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE Request: another recursion in GRE -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > If a packet has the layout: | IPv4 header | GRE header | IPv4 header | GRE header | ... > depending on left over stack it could run the kernel out of stack due to > recursion and so crash the kernel. > commit fac8e0f579695a3ecbc4d3cac369139d7f819971 > This > generalizes that solution to prevent any kind of tunnel stacking > that would cause problems. Use CVE-2016-8666. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYAIYdAAoJEHb/MwWLVhi25UIP/iSHd0YpyLjwP1wtmcZYOXx7 jT7XMtGRXR7uXNUGBDd92u7VMe9Vy344znXvevg2MSRfIW1i8t6lQvaNE3TDDxC4 yDXlnrLaSR6bfjNCv9ngaEiSgKlG+640LL5OTQvMQC8mhN+Bh3/UWmp1UjyadBEt wks3QEZQAhtnbLAUOa7j7BGZu5+F52WUtzwc5j4ncLZ7jbR8nUPg+DgASu2HRgiB MhPZsaGnyuNIXis35IgB08p91IsIOrg055s3j8uFle7twyaEykU1XbbpnAwGu8q7 p3tw9cNp1KI7XbjbLG2Dh+wxubvvwJ0NsV4g5FXbXbn7CxJ/UWJ2Deymn/NdwXgg wrmkMy/N2H8eLweP3tn3KQlNef/4G3D9hHsqnb8KoOX+3cmH3UMMb7oSoovhCyQm /rBfmHX38BVRF2Rq8qYIS5hBADSo0DtLmSmqtMLsVI2Dflyo79CX7cSjAvhezxJu c4hqHbum5DsgvHFUS5gEIRQEHjv4sDRVYGav7Aik6NG6dlA7edGmLaWGczqtgujP c1BvVbbzDm9Ug9Hvq9C+qfjfDoPVtw/SpUz5T+jcu1BFf0aaUkejhrdn1FCtb1GC pbZIDGt4vRoeNAzUd4kCkjtS3cvbOK+MtsuV0C4YzdMwfG5odSS7bS1KX0zt6pL7 2ZaO/xi1g1pNa4zIuC4S =ShWc -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.