github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 23:23:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
39d2dd53da
linux/net/ceph
History
Tyler Hicks a0d7384148 libceph: Fix NULL pointer dereference in auth client code 
commit 2cb33cac62 upstream.

A malicious monitor can craft an auth reply message that could cause a
NULL function pointer dereference in the client's kernel.

To prevent this, the auth_none protocol handler needs an empty
ceph_auth_client_ops->build_request() function.

CVE-2013-1059

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Chanam Park <chanam.park@hkpco.kr>
Reviewed-by: Seth Arnold <seth.arnold@canonical.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-07-13 11:03:40 -07:00
..
crush crush: fix memory leak when destroying tree buckets 2012-11-26 11:38:03 -08:00
armor.c libceph: Fix base64-decoding when input ends in newline. 2011-03-15 09:14:02 -07:00
auth_none.c libceph: Fix NULL pointer dereference in auth client code 2013-07-13 11:03:40 -07:00
auth_none.h ceph: factor out libceph from Ceph file system 2010-10-20 15:37:28 -07:00
auth_x_protocol.h ceph: factor out libceph from Ceph file system 2010-10-20 15:37:28 -07:00
auth_x.c libceph: wrap auth ops in wrapper functions 2013-06-20 11:58:47 -07:00
auth_x.h libceph: add update_authorizer auth method 2013-06-20 11:58:46 -07:00
auth.c libceph: wrap auth methods in a mutex 2013-06-20 11:58:47 -07:00
buffer.c net: allow GFP_HIGHMEM in __vmalloc() 2010-11-21 10:04:04 -08:00
ceph_common.c libceph: remove 'osdtimeout' option 2013-01-17 08:51:20 -08:00
ceph_fs.c ceph: fix file mode calculation 2011-07-19 11:25:04 -07:00
ceph_hash.c ceph: add dir_layout to inode 2011-01-12 15:15:12 -08:00
ceph_strings.c ceph: factor out libceph from Ceph file system 2010-10-20 15:37:28 -07:00
crypto.c libceph: fix crypto key null deref, memory leak 2012-11-26 11:38:42 -08:00
crypto.h libceph: fix crypto key null deref, memory leak 2012-11-26 11:38:42 -08:00
debugfs.c libceph: delay debugfs initialization until we learn global_id 2012-11-26 11:38:43 -08:00
Kconfig ceph: use kernel DNS resolver 2011-10-25 16:10:16 -07:00
Makefile Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-08 13:47:38 -08:00
messenger.c libceph: clear messenger auth_retry flag when we authenticate 2013-06-20 11:58:46 -07:00
mon_client.c libceph: wrap auth ops in wrapper functions 2013-06-20 11:58:47 -07:00
msgpool.c libceph: initialize msgpool message types 2012-11-26 11:38:38 -08:00
osd_client.c libceph: wrap auth ops in wrapper functions 2013-06-20 11:58:47 -07:00
osdmap.c libceph: fix osdmap decode error paths 2013-01-17 08:51:19 -08:00
pagelist.c ceph: fix num_pages_free accounting in pagelist 2010-10-20 15:38:23 -07:00
pagevec.c libceph: fix handling of short returns from get_user_pages 2011-03-03 13:47:39 -08:00