oss-sec mailing list archives

CVE Request: Linux: net: out-of-bounds due do a signedness issue when defragging ipv6

From: Andrey Konovalov <andreyknvl () google com>
Date: Thu, 1 Dec 2016 17:23:31 +0100

Hi,

There is a bug in the Linux kernel ipv6 implementation, which leads to
an out-of-bounds write on ipv6 packet defragmentation.

A fix was sent upstream:
https://www.spinics.net/lists/netdev/msg407525.html

More details here:
https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo

Could you assign a CVE for this?

Thanks!

Current thread:

CVE Request: Linux: net: out-of-bounds due do a signedness issue when defragging ipv6 Andrey Konovalov (Dec 01)
- Re: CVE Request: Linux: net: out-of-bounds due do a signedness issue when defragging ipv6 cve-assign (Dec 01)