Thu, 22 Aug 2013

7:59 AM - 0.4-RELEASE-p2 : Fix IP MULTICAST and SCTP vulnerabilities

Fix two security vulnerabilities.

 
Fix an integer overflow in IP_MSFILTER (IP MULTICAST). This could be exploited to read memory by a user process.
 
When initializing the SCTP state cookie being sent in INIT-ACK chunks,
a buffer allocated from the kernel stack is not completely initialized.
 
Patches obtained from: FreeBSD

0 comments