On Donnerstag 16 September 2010, Vlad Yasevich wrote: > On 09/15/2010 03:43 PM, Andrew Morton wrote: > > Thanks, but please send patches via email, not via bugzilla. > > Documentation/SubmittingPatches has some tips. Suitable recipients for > > this patch are, from the MAINTAINERS file: > > > > M: Vlad Yasevich <vladislav.yasevich@xxxxxx> > > M: Sridhar Samudrala <sri@xxxxxxxxxx> > > L: linux-sctp@xxxxxxxxxxxxxxx > > > > but please just send it as a reply-to-all to this email so that everyone > > knows wht's happening. > > > > I'd suggest that you also add the line > > > > Cc: <stable@xxxxxxxxxx> > > > > to the end of the changelog so that we don't forget to consider the > > patch for backporting. > > Hi Andrew > > There is a much simpler solution to this problem that I posted to netdev > today. Dear all, Vlad's patch solves the problem. I hope this patch can go into the mailine kernel soon, in order to get distribution kernels fixed as soon as possible. It is relatively easy to trigger the denial of service problem, making all systems providing SCTP-based services vulnerable to a remote DoS attack. I have also been able to reproduce the problem with kernel 2.6.32, i.e. at least all kernels from 2.6.32 to 2.6.36 are affected. Best regards -- ======================================================================= Dr. Thomas Dreibholz University of Duisburg-Essen, Room ES210 Inst. for Experimental Mathematics Ellernstraße 29 Computer Networking Technology Group D-45326 Essen/Germany ----------------------------------------------------------------------- E-Mail: dreibh@xxxxxxxxxxxxxx Homepage: http://www.iem.uni-due.de/~dreibh ======================================================================= -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
