mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-17 05:49:31 +07:00
7bab09631c
The 'dir' parameter in xfrm_migrate() is a user-controlled byte which is used
as an array index. This can lead to an out-of-bound access, kernel lockup and
DoS. Add a check for the 'dir' value.
This fixes CVE-2017-11600.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1474928
Fixes:
|
||
---|---|---|
.. | ||
Kconfig | ||
Makefile | ||
xfrm_algo.c | ||
xfrm_device.c | ||
xfrm_hash.c | ||
xfrm_hash.h | ||
xfrm_input.c | ||
xfrm_ipcomp.c | ||
xfrm_output.c | ||
xfrm_policy.c | ||
xfrm_proc.c | ||
xfrm_replay.c | ||
xfrm_state.c | ||
xfrm_sysctl.c | ||
xfrm_user.c |