oss-sec mailing list archives
Re: CVE Request: another recursion in GRE
From: cve-assign () mitre org
Date: Fri, 14 Oct 2016 03:17:50 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
If a packet has the layout: | IPv4 header | GRE header | IPv4 header | GRE header | ... depending on left over stack it could run the kernel out of stack due to recursion and so crash the kernel.
commit fac8e0f579695a3ecbc4d3cac369139d7f819971
This generalizes that solution to prevent any kind of tunnel stacking that would cause problems.
Use CVE-2016-8666. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYAIYdAAoJEHb/MwWLVhi25UIP/iSHd0YpyLjwP1wtmcZYOXx7 jT7XMtGRXR7uXNUGBDd92u7VMe9Vy344znXvevg2MSRfIW1i8t6lQvaNE3TDDxC4 yDXlnrLaSR6bfjNCv9ngaEiSgKlG+640LL5OTQvMQC8mhN+Bh3/UWmp1UjyadBEt wks3QEZQAhtnbLAUOa7j7BGZu5+F52WUtzwc5j4ncLZ7jbR8nUPg+DgASu2HRgiB MhPZsaGnyuNIXis35IgB08p91IsIOrg055s3j8uFle7twyaEykU1XbbpnAwGu8q7 p3tw9cNp1KI7XbjbLG2Dh+wxubvvwJ0NsV4g5FXbXbn7CxJ/UWJ2Deymn/NdwXgg wrmkMy/N2H8eLweP3tn3KQlNef/4G3D9hHsqnb8KoOX+3cmH3UMMb7oSoovhCyQm /rBfmHX38BVRF2Rq8qYIS5hBADSo0DtLmSmqtMLsVI2Dflyo79CX7cSjAvhezxJu c4hqHbum5DsgvHFUS5gEIRQEHjv4sDRVYGav7Aik6NG6dlA7edGmLaWGczqtgujP c1BvVbbzDm9Ug9Hvq9C+qfjfDoPVtw/SpUz5T+jcu1BFf0aaUkejhrdn1FCtb1GC pbZIDGt4vRoeNAzUd4kCkjtS3cvbOK+MtsuV0C4YzdMwfG5odSS7bS1KX0zt6pL7 2ZaO/xi1g1pNa4zIuC4S =ShWc -----END PGP SIGNATURE-----
Current thread:
- CVE Request: another recursion in GRE Marcus Meissner (Oct 13)
- Re: CVE Request: another recursion in GRE cve-assign (Oct 14)