Recent full disclosure post - Local DOS

Egoitz Aurrekoetxea Aurre egoitz at ramattack.net
Mon Feb 14 10:36:28 UTC 2011 

Hi all!,

I have seen the patch has been applied in releng_7_4, releng_8_2, stable, head... but not in releng_8_1 or releng_8_0... is it planned to be applied too on this branches??

Thanks a lot.

Bye!


El 03/02/2011, a las 17:19, Egoitz Aurrekoetxea Aurre escribió:

> Hi all,
> 
> So then, this just crashes in current?? else... is it known which kernel nic drivers cause this?. I have attempted to crash a 8.1-release on vmware fusion virtual machine without success...
> 
> Thanks a lot!,
> Bye!
> 
> 
> El 31/01/2011, a las 23:40, Lawrence Stewart escribió:
> 
>> On 01/29/11 11:30, Christian Peron wrote:
>>> On Fri, Jan 28, 2011 at 02:27:18PM -0500, John Baldwin wrote:
>>> [..]
>>>> ===================================================================
>>>> --- tcp_usrreq.c	(revision 218018)
>>>> +++ tcp_usrreq.c	(working copy)
>>>> @@ -1330,7 +1330,8 @@ tcp_ctloutput(struct socket *so, struct sockopt *s
>>>> 				tp->t_flags |= TF_NOPUSH;
>>>> 			else {
>>>> 				tp->t_flags &= ~TF_NOPUSH;
>>>> -				error = tcp_output(tp);
>>>> +				if (TCPS_HAVEESTABLISHED(tp->t_state))
>>>> +					error = tcp_output(tp);
>>>> 			}
>>>> 			INP_WUNLOCK(inp);
>>>> 			break;
>>> 
>>> I was thinking of correcting it the same way.. I might even do something
>>> like:
>>> 
>>> 	else {
>>> 		if (tp->t_flags & TF_NOPUSH) {
>>> 			tp->t_flags &= ~TF_NOPUSH;
>>> 			if (TCPS_HAVEESTABLISHED(tp->t_state))
>>> 				error = tcp_output(tp);
>>> 		}
>>> 	}
>>> 
>>> By default, this mask is not set.. so un-setting it and calling tcp_output() 
>>> if it was not already set seems wasteful
>> 
>> Apologies for tuning in late, but FWIW I concur and think the above
>> patch is appropriate.
>> 
>> Cheers,
>> Lawrence
>> _______________________________________________
>> freebsd-security at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-security
>> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"

More information about the freebsd-security mailing list