Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 14 Feb 2005 14:08:28 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        "Simon L. Nielsen" <simon@FreeBSD.org>
Cc:        cvs-all@freebsd.org
Subject:   Re: cvs commit: src/sys/net if.c
Message-ID:  <20050214130828.GF1102@darkness.comp.waw.pl>
In-Reply-To: <20050214093330.GA737@arthur.nitro.dk>
References:  <200502140542.j1E5g62l077236@repoman.freebsd.org> <20050214072648.GA51832@cell.sick.ru> <20050214093330.GA737@arthur.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help 

--l+goss899txtYvYf
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Feb 14, 2005 at 10:33:31AM +0100, Simon L. Nielsen wrote:
+> On 2005.02.14 10:26:48 +0300, Gleb Smirnoff wrote:
+> > On Mon, Feb 14, 2005 at 05:42:06AM +0000, Xin LI wrote:
+> > X> delphij     2005-02-14 05:42:06 UTC
+> > X>=20
+> > X>   FreeBSD src repository
+> > X>=20
+> > X>   Modified files:        (Branch: RELENG_5)
+> > X>     sys/net              if.c=20
+> > X>   Log:
+> > X>   MFC 1.218+1.219:
+> > X>  =20
+> > X>   Validate ifc->ifc_len before submitting its incarnation to sbuf_n=
ew,
+> > X>   which will finally lead to kernel panic.
+> > X>  =20
+> > X>   Security:       This prevents a local DoS that can be exploited by
+> > X>   Security:       both privileged and unprivileged users.
+> > X>   Submitted by:   Wojciech A. Koszek [dunstan at freebsd czest pl]
+> > X>   PR:             77421
+> > X>  =20
+> > X>   Early MFC discussed with and reviewed by:
+> > X>                   security (simon, trhodes)
+> >=20
+> > Is it going to be put into RELENG_5_3?
+>=20
+> Since we don't issue security advisories for local DoS'es I don't
+> think so, but it's not my call.

It definitely should go into RELENG_5_3, but as an errata.

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--l+goss899txtYvYf
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFCEKLMForvXbEpPzQRAkBWAJ4pFs0yw+NAIbVwWshLaFjE2f42RQCdHu1k
EzMfSvBl2YIUuHSieGlzQZA=
=oKlF
-----END PGP SIGNATURE-----

--l+goss899txtYvYf--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050214130828.GF1102>