Hello.
Just FYI there is already a CVE name CVE-2012-5532 for this issue.
Regards,
Tomas Hozza
- Original Message -
> On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
> > The source code without this patch caused hypervkvpd to exit when
> > it processed
> > a spoofed Netlink
Hello.
Just FYI there is already a CVE name CVE-2012-5532 for this issue.
Regards,
Tomas Hozza
- Original Message -
On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
The source code without this patch caused hypervkvpd to exit when
it processed
a spoofed Netlink packet
- Original Message -
> On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
> > The source code without this patch caused hypervkvpd to exit when
> > it processed
> > a spoofed Netlink packet which has been sent from an untrusted
> > local user.
> > Now Netlink messages with a
On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
> The source code without this patch caused hypervkvpd to exit when it processed
> a spoofed Netlink packet which has been sent from an untrusted local user.
> Now Netlink messages with a non-zero nl_pid source address are ignored
> and
On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a
- Original Message -
On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote:
The source code without this patch caused hypervkvpd to exit when
it processed
a spoofed Netlink packet which has been sent from an untrusted
local user.
Now Netlink messages with a non-zero nl_pid
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a warning is printed into the syslog.
Signed-off-by: Tomas Hozza
KY Srinivasan
> Cc: Tomas Hozza
> Subject: [PATCH] tools: hv: Netlink source address validation allows DoS
>
> The source code without this patch caused hypervkvpd to exit when it processed
> a spoofed Netlink packet which has been sent from an untrusted local user.
> Now Netlink me
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a warning is printed into the syslog.
Signed-off-by: Tomas Hozza
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a warning is printed into the syslog.
Signed-off-by: Tomas Hozza
Hozza
Subject: [PATCH] tools: hv: Netlink source address validation allows DoS
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address
The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a warning is printed into the syslog.
Signed-off-by: Tomas Hozza
12 matches
Mail list logo
