On 30.08.2011 15:35, Jozsef Kadlecsik wrote: > Michael M. Builov reported that in the tcp_options and tcp_sack functions > of netfilter TCP conntrack the incorrect handling of invalid TCP option > with too big opsize may lead to read access beyond tcp-packet or buffer > allocated on stack (netfilter bugzilla #738). The fix is to stop parsing > the options at detecting the broken option. Applied, thanks Jozsef. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
