linux_dsm_epyc7002/net/ipv6
Florian Westphal 1f3b9000cb netfilter: x_tables: fix compat match/target pad out-of-bound write
commit b29c457a6511435960115c0f548c4360d5f4801d upstream.

xt_compat_match/target_from_user doesn't check that zeroing the area
to start of next rule won't write past end of allocated ruleset blob.

Remove this code and zero the entire blob beforehand.

Reported-by: syzbot+cfc0247ac173f597aaaa@syzkaller.appspotmail.com
Reported-by: Andy Nguyen <theflow@google.com>
Fixes: 9fa492cdc1 ("[NETFILTER]: x_tables: simplify compat API")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-04-16 11:43:21 +02:00
ila
netfilter netfilter: x_tables: fix compat match/target pad out-of-bound write 2021-04-16 11:43:21 +02:00
addrconf_core.c
addrconf.c ipv6: set multicast flag on the multicast route 2021-01-27 11:55:24 +01:00
addrlabel.c ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init 2020-11-25 11:20:16 -08:00
af_inet6.c
ah6.c xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume 2021-04-14 08:42:05 +02:00
anycast.c
calipso.c cipso,calipso: resolve a number of problems with the DOI refcounts 2021-03-17 17:06:15 +01:00
datagram.c
esp6_offload.c xfrm: Provide private skb extensions for segmented and hw offloaded ESP packets 2021-04-14 08:42:07 +02:00
esp6.c xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume 2021-04-14 08:42:05 +02:00
exthdrs_core.c
exthdrs_offload.c
exthdrs.c
fib6_notifier.c
fib6_rules.c
fou6.c
icmp.c net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending 2021-03-04 11:38:46 +01:00
inet6_connection_sock.c
inet6_hashtables.c
ip6_checksum.c
ip6_fib.c ipv6: fix suspecious RCU usage warning 2021-03-30 14:31:57 +02:00
ip6_flowlabel.c
ip6_gre.c net: always use icmp{,v6}_ndo_send from ndo_start_xmit 2021-03-17 17:06:12 +01:00
ip6_icmp.c net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending 2021-03-04 11:38:46 +01:00
ip6_input.c ipv6: weaken the v4mapped source check 2021-03-30 14:32:01 +02:00
ip6_offload.c
ip6_offload.h
ip6_output.c net: ipv6: Validate GSO SKB before finish IPv6 processing 2021-01-23 16:04:00 +01:00
ip6_tunnel.c net: always use icmp{,v6}_ndo_send from ndo_start_xmit 2021-03-17 17:06:12 +01:00
ip6_udp_tunnel.c
ip6_vti.c net: always use icmp{,v6}_ndo_send from ndo_start_xmit 2021-03-17 17:06:12 +01:00
ip6mr.c
ipcomp6.c
ipv6_sockglue.c
Kconfig
Makefile
mcast_snoop.c
mcast.c
mip6.c
ndisc.c net: Exempt multicast addresses from five-second neighbor lifetime 2020-11-13 14:24:39 -08:00
netfilter.c netfilter: use actual socket sk rather than skb sk when routing harder 2020-10-30 12:57:39 +01:00
output_core.c
ping.c
proc.c
protocol.c
raw.c net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() 2021-04-14 08:42:02 +02:00
reassembly.c ipv6: Remove dependency of ipv6_frag_thdr_truncated on ipv6 module 2020-11-19 10:49:50 -08:00
route.c net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh 2021-04-14 08:41:57 +02:00
rpl_iptunnel.c
rpl.c
seg6_hmac.c
seg6_iptunnel.c
seg6_local.c
seg6.c
sit.c net: always use icmp{,v6}_ndo_send from ndo_start_xmit 2021-03-17 17:06:12 +01:00
syncookies.c net: Update window_clamp if SOCK_RCVBUF is set 2020-11-10 17:42:35 -08:00
sysctl_net_ipv6.c
tcp_ipv6.c ipv6: weaken the v4mapped source check 2021-03-30 14:32:01 +02:00
tcpv6_offload.c
tunnel6.c
udp_impl.h
udp_offload.c udp: ipv4: manipulate network header of NATed UDP GRO fraglist 2021-02-10 09:29:23 +01:00
udp.c
udplite.c
xfrm6_input.c
xfrm6_output.c
xfrm6_policy.c
xfrm6_protocol.c
xfrm6_state.c
xfrm6_tunnel.c xfrm: interface: fix the priorities for ipip and ipv6 tunnels 2020-10-09 12:29:48 +02:00