** Description changed: - memory corruption with UDP_CORK and UFO + The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is + enabled, does not properly initialize certain data structures, which + allows local users to cause a denial of service (memory corruption and + system crash) or possibly gain privileges via a crafted application that + uses the UDP_CORK option in a setsockopt system call and sends both + short and long packets, related to the ip_ufo_append_data function in + net/ipv4/ip_output.c and the ip6_ufo_append_data function in + net/ipv6/ip6_output.c. Break-Fix: e89e9cf539a28df7d0eb1d0a545368e9920b34ac c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b Break-Fix: e89e9cf539a28df7d0eb1d0a545368e9920b34ac e93b7d748be887cd7639b113ba7d7ef792a7efb9
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1248703 Title: CVE-2013-4470 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1248703/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs