oss-sec mailing list archives

Re: CVE Request: another recursion in GRE

From: cve-assign () mitre org
Date: Fri, 14 Oct 2016 03:17:50 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

If a packet has the layout: | IPv4 header | GRE header | IPv4 header | GRE header | ...
depending on left over stack it could run the kernel out of stack due to
recursion and so crash the kernel.

commit fac8e0f579695a3ecbc4d3cac369139d7f819971

    This
    generalizes that solution to prevent any kind of tunnel stacking
    that would cause problems.


Use CVE-2016-8666.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYAIYdAAoJEHb/MwWLVhi25UIP/iSHd0YpyLjwP1wtmcZYOXx7
jT7XMtGRXR7uXNUGBDd92u7VMe9Vy344znXvevg2MSRfIW1i8t6lQvaNE3TDDxC4
yDXlnrLaSR6bfjNCv9ngaEiSgKlG+640LL5OTQvMQC8mhN+Bh3/UWmp1UjyadBEt
wks3QEZQAhtnbLAUOa7j7BGZu5+F52WUtzwc5j4ncLZ7jbR8nUPg+DgASu2HRgiB
MhPZsaGnyuNIXis35IgB08p91IsIOrg055s3j8uFle7twyaEykU1XbbpnAwGu8q7
p3tw9cNp1KI7XbjbLG2Dh+wxubvvwJ0NsV4g5FXbXbn7CxJ/UWJ2Deymn/NdwXgg
wrmkMy/N2H8eLweP3tn3KQlNef/4G3D9hHsqnb8KoOX+3cmH3UMMb7oSoovhCyQm
/rBfmHX38BVRF2Rq8qYIS5hBADSo0DtLmSmqtMLsVI2Dflyo79CX7cSjAvhezxJu
c4hqHbum5DsgvHFUS5gEIRQEHjv4sDRVYGav7Aik6NG6dlA7edGmLaWGczqtgujP
c1BvVbbzDm9Ug9Hvq9C+qfjfDoPVtw/SpUz5T+jcu1BFf0aaUkejhrdn1FCtb1GC
pbZIDGt4vRoeNAzUd4kCkjtS3cvbOK+MtsuV0C4YzdMwfG5odSS7bS1KX0zt6pL7
2ZaO/xi1g1pNa4zIuC4S
=ShWc
-----END PGP SIGNATURE-----

Current thread:

CVE Request: another recursion in GRE Marcus Meissner (Oct 13)
- Re: CVE Request: another recursion in GRE cve-assign (Oct 14)