From owner-freebsd-security@FreeBSD.ORG  Wed Jan 28 00:57:02 2015
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id D4C91E7C
 for <freebsd-security@freebsd.org>; Wed, 28 Jan 2015 00:57:02 +0000 (UTC)
Received: from anubis.delphij.net (anubis.delphij.net [64.62.153.212])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "anubis.delphij.net",
 Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id BBA4B7EB
 for <freebsd-security@freebsd.org>; Wed, 28 Jan 2015 00:57:02 +0000 (UTC)
Received: from zeta.ixsystems.com (unknown [12.229.62.2])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by anubis.delphij.net (Postfix) with ESMTPSA id D28572D3D;
 Tue, 27 Jan 2015 16:57:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net;
 s=anubis; t=1422406621; x=1422421021;
 bh=QILXYg/JMsL1GICEJcqLXRP2cAEwtRKegCeFZTiD6+Y=;
 h=Date:From:Reply-To:To:Subject:References:In-Reply-To;
 b=yDjxT9mFNkQ0wf7iMN+O7HyxiMKWuobtFw5IKzly5/rnIlOz22YQVTZAUyVEVAZKT
 cdHaeGIgTLu4pPvlYS30RfB3v8iPfr+kidl0+Ao0H8wAMuaZ97NxDLpjh0PpOaJPUe
 qyeEun34qCQxUmtDWw867iP7XYSbeMyaWAEpIkO4=
Message-ID: <54C833DD.9070907@delphij.net>
Date: Tue, 27 Jan 2015 16:57:01 -0800
From: Xin Li <delphij@delphij.net>
Reply-To: d@delphij.net
Organization: The FreeBSD Project
MIME-Version: 1.0
To: Mike Tancsa <mike@sentex.net>, freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
References: <201501271955.t0RJt8YB055445@freefall.freebsd.org>
 <54C81457.2000200@sentex.net>
In-Reply-To: <54C81457.2000200@sentex.net>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Jan 2015 00:57:02 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 01/27/15 14:42, Mike Tancsa wrote:
> On 1/27/2015 2:55 PM, FreeBSD Security Advisories wrote:
> 
> 
>> IV.  Workaround
>> 
>> No workaround is available.
> 
> If SCTP is NOT compiled in the kernel, are you still vulnerable ?

No -- we should have mentioned that too.  For GENERIC kernel however
SCTP is compiled in.

Cheers,
- -- 
Xin LI <delphij@delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.1 (FreeBSD)

iQIcBAEBCgAGBQJUyDPdAAoJEJW2GBstM+nsPaMP/2f48Houf+92qRwuHipmMXhd
Q8cBPwaiOeXg2cEQuYn8pPzwEU4UTbSAtW9e2OymmZupJr1jw6+SGUoMeDCOkQur
nAr8wRiVHUfFxkPg649lfE2IUuA+hKitgCMbfHeFG0y3Ee948ZH+UO1jPwB2GNbp
Gpa+QwbonfMLeHvHC+rg5lmcbgVfCKi8gVw+FI894IBZPS532W6+ry+Qx4PWvjW1
t3oDCplyrOXkhmddxJdnEXA6jkj/TgxKQM9ueacjcWHbsPiLDoaF+BJ2JsA7gFu7
wU+syi/fFPAVlYPDQUoqY19N6akd+pX5qp90nhKnlcAPP/SRTKyTVFQTMg8dcTlq
GiG/3frq9ZfQHsspaWUikr8qL2/kPjUMNsEOu7uDI8XuTaTnoNIontj7dhswlk1+
A0CBjbx0Dqte6RpZzJE1stkPILK2rmEJdaNSGmlwTDiVzvroPqNiZ5aqTq/iMeVC
QI1YWdJu+j7Syf3xhx7o/r0J/6EDqg2lrQKBt3/g10vXiyRhXM1mE9whDx/DwiRx
EVhPw7+Cms9UBjsvJMpn5Uv3Wp9/N3F7zwumotS8uQpFZ1sGZnDZRLWUjwvjCLUT
1EF0rRjwZ0T6wiLXNlHcqVTml/ar5lOqCsvAG9p/aMJ4xaCqvxc/miPVQaF1fEEn
OcSg9FKbhtS+XvF+Gz3D
=tJNT
-----END PGP SIGNATURE-----