Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.x
Ubuntu 11.04
Description:
--------------------------------------------------------------------------------
Bugtraq id: 46732
Cve id: CVE-2011-1076
Linux Kernel is the Kernel of the Linux operating system.
Linux Kernel has a denial of service (DoS) vulnerability in dns_key.c. A remote attacker can exploit this vulnerability to make the Kernel reference invalid memory location, resulting in DOS.
An attempt to read the key may cause a crash when the key of the DNS resolution program is instantiated with an error message. Because user_read () thinks there will be a load, but in fact there is no.
<* Source: David Howells
Link: http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commitdiff; h = 1362fa078dae16776cd442591c6605b224ea6171
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/