projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4504097) | patch
netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Tue, 8 Mar 2016 19:29:10 +0000 (20:29 +0100)
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Tue, 8 Mar 2016 19:36:17 +0000 (20:36 +0100)
commitd8aacd87180141ff6b812b53de77a4336e87c91a
tree66fe7872cb80156e6e58e9b95978d6fb9a6f3063tree | snapshot (tar.gz zip)
parent45040978c8994d1401baf5cc5ac71c1495d4e120commit | diff
netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length

Julia Lawall pointed out that IPSET_ATTR_ETHER netlink attribute length
was not checked explicitly, just for the maximum possible size. Malicious
netlink clients could send shorter attribute and thus resulting a kernel
read after the buffer.

The patch adds the explicit length checkings.

Reported-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
net/netfilter/ipset/ip_set_bitmap_ipmac.c diff | blob | blame | history
net/netfilter/ipset/ip_set_hash_mac.c diff | blob | blame | history