Secunia
Login
|
|
CVE Reference: CVE-2011-1093 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2011-1093 |
|
|
Description: The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. |
|
|
CVE Status: Candidate |
|
|
References: MLIST http://openwall.com/lists/oss-security/2011/03/08/4 http://openwall.com/lists/oss-security/2011/03/08/19 CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=720dc34bbbe9493c7bd48b2243058b4e447a929d http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 BID 46793 |
|
| Return to the previous page. |
