CVE-2013-4348: kernel denial of service
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
•CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1007939
•CONFIRM:https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd
(from redmine: issue id 2302, created on 2013-11-12, closed on 2013-11-15)
- Relations:
- child #2313 (closed)
- child #2314 (closed)
- child #2317 (closed)
- child #2318 (closed)
- child #2319 (closed)
- child #2320 (closed)
- child #2321 (closed)
- child #2322 (closed)
- Changesets:
- Revision 621da371 by Natanael Copa on 2013-11-12T16:15:18Z:
main/linux-grsec: fix CVE-2013-4348
ref #2302
- Revision 4fb83db8 by Natanael Copa on 2013-11-13T16:16:56Z:
main/linux-grsec: fix CVE-2013-4348
ref #2302
fixes #2313
- Revision 84619766 by Natanael Copa on 2013-11-14T11:26:08Z:
main/linux-vserver: upgrade to 3.10.19 and fix CVE-2013-4348
ref #2302
- Revision 073d94a3 by Natanael Copa on 2013-11-14T11:27:00Z:
main/linux-vserver: upgrade to 3.10.19 and fix CVE-2013-4348
ref #2302
fixes #2314