Re: Signedness bug in sctp_setsockopt() (security vulnerability).

On Mon, 10 May 2004, Shaun Colley wrote:

> Hi Sridhar,
>
> > SCTP_SOCKOPT_DEBUG_NAME is an internal option that
> > was supposed to be used
> > only by the developers of SCTP, not users. Even the
> > developers found that
> > this isn't really needed and hence this option was
> > removed in 2.4.26 and
> > also from the 2.6 tree.
>
> Thanks for the info Sridhar.  From your run-down
> above, may I take it that the bug could be exploited,
> if a host was running kernel 2.4.25 and below?
> Although it is now removed, I would be interested to
> know.

I cannot say if this bug can really be exploited as there are additional
checks within kmalloc() and copy_from_user() which may prevent writing to
unallocated memory.

>
> > As Shaun pointed out, if this code was present it
> > could have been a security
> > issue, but as the code is no longer present, this is
> > a non-issue.
>
> I guess if this is exploitable, then the message is to
> upgrade to 2.4.26 :)

If you are planning to use SCTP, upgrading to 2.4.26 is a mandatory
requirement as 2.4.25 SCTP is quite outdated and is also not compatible
with the latest SCTP sockets API draft.

Thanks
Sridhar