]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7d5e09f) | patch
[PATCH] Fix crash in ip_nat_pptp (CVE-2006-0036)
authorPatrick McHardy <kaber@trash.net>
Tue, 10 Jan 2006 01:00:07 +0000 (02:00 +0100)
committerGreg Kroah-Hartman <gregkh@suse.de>
Tue, 31 Jan 2006 06:42:30 +0000 (22:42 -0800)
commit988042953360dcc04a965965f08e11b7e8329328
tree46cc93303a8bfd7db2f99e10d79f55eb8b55566ftree
parent7d5e09f7dc89aff4b6cfa42ca686f3b20eacfdbdcommit | diff
[PATCH] Fix crash in ip_nat_pptp (CVE-2006-0036)

When an inbound PPTP_IN_CALL_REQUEST packet is received the
PPTP NAT helper uses a NULL pointer in pointer arithmentic to
calculate the offset in the packet which needs to be mangled
and corrupts random memory or crashes.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
net/ipv4/netfilter/ip_nat_helper_pptp.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git