linux/net
Dan Rosenberg 73c9362424 x25: Prevent crashing when parsing bad X.25 facilities
commit 5ef41308f9 upstream.

Now with improved comma support.

On parsing malformed X.25 facilities, decrementing the remaining length
may cause it to underflow.  Since the length is an unsigned integer,
this will result in the loop continuing until the kernel crashes.

This patch adds checks to ensure decrementing the remaining length does
not cause it to wrap around.

Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-12-09 13:27:10 -08:00
9p 9p: strlen() doesn't count the terminator 2010-08-10 10:20:39 -07:00
802 net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
8021q vlan: Fix register_vlan_dev() error path 2009-11-17 06:45:04 -08:00
appletalk Have atalk_route_packet() return NET_RX_SUCCESS not NET_XMIT_SUCCESS 2009-09-14 17:02:47 -07:00
atm net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
ax25 ax25: netrom: rose: Fix timer oopses 2010-02-09 04:50:56 -08:00
bluetooth Bluetooth: Fix kernel crash on L2CAP stress tests 2010-04-01 15:58:55 -07:00
bridge bridge: Clear INET control block of SKBs passed into ip_fragment(). 2010-09-26 17:21:19 -07:00
can can-bcm: fix minor heap overflow 2010-12-09 13:27:10 -08:00
core net: NETIF_F_HW_CSUM does not imply FCoE CRC offload 2010-12-09 13:26:44 -08:00
dcb net: fix double skb free in dcbnl 2009-09-26 20:16:15 -07:00
dccp dccp_probe: Fix module load dependencies between dccp and dccp_probe 2010-05-12 14:57:11 -07:00
decnet DECnet: don't leak uninitialized stack byte 2010-12-09 13:27:03 -08:00
dsa netdev: convert pseudo-devices to netdev_tx_t 2009-09-01 01:13:07 -07:00
econet Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-08-12 17:44:53 -07:00
ethernet net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
ieee802154 net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
ipv4 Limit sysctl_tcp_mem and sysctl_udp_mem initializers to prevent integer overflows. 2010-12-09 13:27:06 -08:00
ipv6 ip: fix truesize mismatch in ip fragmentation 2010-10-28 21:44:08 -07:00
ipx net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
irda irda: Fix heap memory corruption in iriap.c 2010-12-09 13:26:32 -08:00
iucv net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
key net: file_operations should be const 2009-09-02 01:03:53 -07:00
lapb net: remove NET_RX_BAD and NET_RX_CN* defines 2009-07-05 19:15:35 -07:00
llc net/llc: make opt unsigned in llc_ui_setsockopt() 2010-09-26 17:21:24 -07:00
mac80211 mac80211: fix supported rates IE if AP doesn't give us it's rates 2010-08-02 10:21:27 -07:00
netfilter netfilter: nf_conntrack: allow nf_ct_alloc_hashtable() to get highmem pages 2010-12-09 13:26:51 -08:00
netlabel Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-07-30 19:22:43 -07:00
netlink netlink: fix compat recvmsg 2010-08-26 16:41:55 -07:00
netrom ax25: netrom: rose: Fix timer oopses 2010-02-09 04:50:56 -08:00
packet af_packet: Don't use skb after dev_queue_xmit() 2010-02-09 04:50:56 -08:00
phonet Phonet: disable network namespace support 2010-10-28 21:44:17 -07:00
rds De-pessimize rds_page_copy_user 2010-10-28 21:44:05 -07:00
rfkill Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2009-11-23 14:01:47 -08:00
rose rose: Fix signedness issues wrt. digi count. 2010-10-28 21:44:10 -07:00
rxrpc net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
sched net sched: fix kernel leak in act_police 2010-12-09 13:27:05 -08:00
sctp Limit sysctl_tcp_mem and sysctl_udp_mem initializers to prevent integer overflows. 2010-12-09 13:27:06 -08:00
sunrpc SUNRPC: Fix race corrupting rpc upcall 2010-09-20 13:18:14 -07:00
tipc tipc: Fix oops on send prior to entering networked mode (v3) 2010-07-05 11:11:16 -07:00
unix UNIX: Do not loop forever at unix_autobind(). 2010-09-26 17:21:21 -07:00
wanrouter headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
wimax wimax: fix warning caused by not checking retval of rfkill_set_hw_state() 2009-06-11 11:12:48 -07:00
wireless wext: fix potential private ioctl memory content leak 2010-10-28 21:44:02 -07:00
x25 x25: Prevent crashing when parsing bad X.25 facilities 2010-12-09 13:27:10 -08:00
xfrm net: file_operations should be const 2009-09-02 01:03:53 -07:00
compat.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
Kconfig net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
Makefile net: remove redundant sched/ in net/Makefile 2009-07-12 20:11:14 -07:00
nonet.c
socket.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00
TUNABLE