Re: unhelpful and somewhat scary r8169 boot message in 2.6.33.2 regarding a security fix

From: Nix
Date: Fri Apr 02 2010 - 18:04:19 EST

Next message: Carl-Daniel Hailfinger: "Re: BUG: physmap modprobe & rmmod"
Previous message: Rik van Riel: "Re: Ugly rmap NULL ptr deref oopsie on hibernate (was Linux 2.6.34-rc3)"
In reply to: David Miller: "Re: unhelpful and somewhat scary r8169 boot message in 2.6.33.2regarding a security fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2 Apr 2010, David Miller verbalised:

>> but it does not explain *why* changing the MTU is suddenly so bad,
>> when it's worked forever before now without flaw, with no sign of
>> any sort of corruption. Why should we be confined to non-jumbo
>> frames? What are the effects if we do change MTU?
>
> Have a look at CVE-2009-4537
>
> It's a remotely exploitable memory corruptor and potential
> root hole.

That's what I thought, *if* the attackers can inject crafted Ethernet
frames onto your local network. (i.e., they need a crafted Ethernet
frame, not just crafted packet contents.)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Carl-Daniel Hailfinger: "Re: BUG: physmap modprobe & rmmod"
Previous message: Rik van Riel: "Re: Ugly rmap NULL ptr deref oopsie on hibernate (was Linux 2.6.34-rc3)"
In reply to: David Miller: "Re: unhelpful and somewhat scary r8169 boot message in 2.6.33.2regarding a security fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]