Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#3799 - Potential DoS vulnerability in kernel 2.6.15
Attached to Project:
Arch Linux
Opened by name withheld (Gullible Jones) - Thursday, 19 January 2006, 17:13 GMT
Opened by name withheld (Gullible Jones) - Thursday, 19 January 2006, 17:13 GMT
|
DetailsFrom the changelog for 2.6.15.1:
commit 7abeff5a23abb2d0edc54cc1cc3acaf886ea98ca Author: Martin Murray <murrayma@citi.umich.edu> Date: Tue Jan 10 21:02:29 2006 -0800 [PATCH] Fix DoS in netlink_rcv_skb() (CVE-2006-0035) Sanity check nlmsg_len during netlink_rcv_skb. An nlmsg_len == 0 can cause infinite loop in kernel, effectively DoSing machine. Noted by Martin Murray. Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: David S. Miller <davem@davemloft.net> The kernel should probably be upgraded to 2.6.15.1 as soon as possible. |
This task depends upon
Comment by Judd Vinet (judd) -
Thursday, 19 January 2006, 19:27 GMT
2.6.15.1 should be up by the weekend.