Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
| Link | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1540.html | third party advisory vendor advisory |
| https://github.com/torvalds/linux/commit/f6d8bd051c391c1c0458a30b2a7abcd939329259 | third party advisory patch |
| http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0 | broken link |
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f6d8bd051c391c1c0458a30b2a7abcd939329259 | |
| http://www.openwall.com/lists/oss-security/2012/08/31/11 | patch mailing list third party advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=853465 | patch third party advisory issue tracking |