projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 050c309) | patch
netlabel: out of bound access in cipso_v4_validate()
authorEric Dumazet <edumazet@google.com>
Fri, 3 Feb 2017 08:03:26 +0000 (00:03 -0800)
committerWilly Tarreau <w@1wt.eu>
Wed, 7 Jun 2017 22:46:58 +0000 (00:46 +0200)
commit96296cddf9d174bd1a925e2ffa4463f2eb3259c5
tree91434a107d33e944a2c1307d8e6b9bb0b18eead4tree | snapshot (tar.gz zip)
parent050c309794e9e68319843d452196994bcbde245fcommit | diff
netlabel: out of bound access in cipso_v4_validate()

commit d71b7896886345c53ef1d84bda2bc758554f5d61 upstream.

syzkaller found another out of bound access in ip_options_compile(),
or more exactly in cipso_v4_validate()

Fixes: 20e2a8648596 ("cipso: handle CIPSO options correctly when NetLabel is disabled")
Fixes: 446fda4f2682 ("[NetLabel]: CIPSOv4 engine")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Willy Tarreau <w@1wt.eu>
include/net/cipso_ipv4.h diff | blob | blame | history
net/ipv4/cipso_ipv4.c diff | blob | blame | history
kernel source for telekom puls (alcatel/mediatek)