** Changed in: linux (Ubuntu Saucy)
Status: New => Fix Committed
** Description changed:
- memory corruption with ipv6 udp offloading
+ net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not
+ properly determine the need for UDP Fragmentation Offload (UFO)
+ processing of small packets after the UFO queueing of a large packet,
+ which allows remote attackers to cause a denial of service (memory
+ corruption and system crash) or possibly have unspecified other impact
+ via network traffic that triggers a large response packet.
Break-Fix: e89e9cf539a28df7d0eb1d0a545368e9920b34ac
2811ebac2521ceac84f2bdae402455baa6a7fb47
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235136
Title:
CVE-2013-4387
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1235136/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
