oss-sec mailing list archives
CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing
From: P J P <ppandit () redhat com>
Date: Mon, 10 Oct 2016 23:25:55 +0530 (IST)
Hello,

Linux kernel built with the 802.1Q/802.1ad VLAN (CONFIG_VLAN_8021Q) or Virtual eXtensible Local Area Network (CONFIG_VXLAN) with Transparent Ethernet Bridging (TEB) GRO support is vulnerable to a stack overflow issue. It could occur while receiving large packets via the GRO path, as an unlimited recursion could unfold in both VLAN and TEB modules, leading to stack corruption in the kernel.

A remote user could use this flaw to cause a kernel panic by sending malicious packets to a server that has GRO enabled.
Please see a proposed patch to fix this issue attached herein.

'CVE-2016-7039' has been assigned to this issue by Red Hat Inc.

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1375944

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Attachment:
upstream-0001-net-add-recursion-limit-to-GRO.patch
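Added illustration, not part of the original post and not the attached patch: a user-space C model of the kind of bound the attachment's name describes, in which a handler that recurses once per encapsulation layer refuses to go deeper than a fixed limit. The function names, the `MAX_ENCAP_DEPTH` value and the sample buffers are assumptions constructed for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ETH_P_IP      0x0800
#define ETH_P_8021Q   0x8100
#define ETH_P_8021AD  0x88A8
#define MAX_ENCAP_DEPTH 4   /* assumed limit for this model, not the kernel's value */

/* p points at an EtherType field. Returns the number of VLAN tags walked,
 * or -1 if the data is truncated or nesting exceeds MAX_ENCAP_DEPTH. */
static int walk_encap(const uint8_t *p, size_t len, unsigned depth)
{
    if (len < 2)
        return -1;
    uint16_t proto = (uint16_t)((p[0] << 8) | p[1]);
    if (proto != ETH_P_8021Q && proto != ETH_P_8021AD)
        return 0;                 /* non-VLAN payload: recursion ends */
    if (depth >= MAX_ENCAP_DEPTH)
        return -1;                /* bound the stack depth: drop instead of recursing */
    if (len < 4)
        return -1;                /* truncated tag (EtherType + TCI) */
    int inner = walk_encap(p + 4, len - 4, depth + 1);
    return inner < 0 ? -1 : inner + 1;
}

/* Constructed sample input: ntags stacked 802.1Q tags followed by an IPv4
 * EtherType. Returns bytes written, or 0 if buf is too small. */
static size_t build_tags(uint8_t *buf, size_t cap, unsigned ntags)
{
    size_t need = (size_t)ntags * 4 + 2, off = 0;
    if (cap < need)
        return 0;
    for (unsigned i = 0; i < ntags; i++) {
        buf[off++] = ETH_P_8021Q >> 8; buf[off++] = ETH_P_8021Q & 0xff;
        buf[off++] = 0x00;             buf[off++] = 0x01;  /* TCI: VLAN ID 1 */
    }
    buf[off++] = ETH_P_IP >> 8; buf[off++] = ETH_P_IP & 0xff;
    return off;
}

int main(void)
{
    uint8_t buf[64];
    for (unsigned n = 0; n <= 6; n++) {
        size_t len = build_tags(buf, sizeof buf, n);
        printf("%u tags -> %d\n", n, walk_encap(buf, len, 0));
    }
    return 0;
}
```

Without the `depth` check, the call depth of `walk_encap` is set entirely by the received data, which is the property the advisory describes.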