Modify

Opened 9 years ago

Closed 9 years ago

#4245 closed defect (fixed)

fix ipv6 over ipv4 remotely triggerable memory leak, CVE-2008-2136

Reported by: asdf ;lkjad;lfj;lj Owned by: developers
Priority: normal Milestone: Kamikaze 8.09 RC1
Component: packages Version:
Keywords: security, ipv6, tunnel, memory leak Cc:

Description

http://securitytracker.com/alerts/2008/Aug/1020756.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02

Please fix the ipv6 over ipv4 remotely triggerable memory leak, as per CVE-2008-2136 in the 2.4 variant of the openwrt image / release 8.09rc1.

icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);

  • kfree_skb(skb);

read_unlock(&ipip6_lock);

out:

+ kfree_skb(skb);

return 0;

}

Please update kernel or patch.

Attachments (0)

Change History (1)

comment:1 Changed 9 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

fixed in r13734

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.