Google Git
Sign in
android-kvm / linux / d8aacd87180141ff6b812b53de77a4336e87c91a
commitd8aacd87180141ff6b812b53de77a4336e87c91a[log] [tgz]
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>Tue Mar 08 20:29:10 2016 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>Tue Mar 08 20:36:17 2016 +0100
tree66fe7872cb80156e6e58e9b95978d6fb9a6f3063
parent45040978c8994d1401baf5cc5ac71c1495d4e120 [diff]
netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length

Julia Lawall pointed out that IPSET_ATTR_ETHER netlink attribute length
was not checked explicitly, just for the maximum possible size. Malicious
netlink clients could send shorter attribute and thus resulting a kernel
read after the buffer.

The patch adds the explicit length checkings.

Reported-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
2 files changed
tree: 66fe7872cb80156e6e58e9b95978d6fb9a6f3063
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS