On Sun, May 13, 2007 at 01:33:16PM +0200, Moritz Muehlenhoff wrote:
> CVE-2007-1496
>
> Michal Miroslaw reported a DoS vulnerability (crash) in netfilter.
> A remote attacker can cause a NULL pointer dereference in the
> nfnetlink_log function.

CVE says:

| nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows
| attackers to cause a denial of service (crash) via unspecified vectors
| involving the (1) nfulnl_recv_config function, (2) using "multiple
| packets per netlink message", and (3) bridged packets, which trigger a
| NULL pointer dereference.

Could someone who knows netfilter a bit better comment on this? In what
circumstances in real life is this exploitable? Is there any workaround?

I'm not using bridging, I don't care about logging, so I'm happy to
disable it, I'm not sure what that netlink thing means..

Marcin
-- 
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216