linux/net
Mathias Krause 26cd0da83a sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY
with a family greater than or equal to AF_MAX -- the array size of
sock_diag_handlers[]. The current code does not test for this
condition and is therefore vulnerable to an out-of-bound access opening
doors for a privilege escalation.

Signed-off-by: Mathias Krause <minipli <at> googlemail.com>
2013-02-25 12:57:52 -08:00
..
9p 9p: BUG before corrupting memory 2012-06-22 11:37:15 -07:00
802 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
8021q Revert "net: maintain namespace isolation between vlan and real device" 2012-05-10 23:03:34 -04:00
appletalk net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
atm Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ax25 net ax25: Reorder ax25_exit to remove races. 2012-04-19 15:37:48 -04:00
batman-adv batman-adv: only drop packets of known wifi clients 2012-07-16 09:04:11 -07:00
bluetooth net: bluetooth: Remove the AID_NET_BT* gid numbers 2013-02-20 17:40:53 -08:00
bridge Merge commit 'v3.4.5' into android-3.4 2012-07-16 15:25:51 -07:00
caif caif: Fix memory leakage in the chnl_net.c. 2012-04-13 11:01:44 -04:00
can net: remove skb_orphan_try() 2012-07-16 09:03:48 -07:00
ceph libceph: isolate kmap() call in write_partial_msg_pages() 2012-03-22 10:47:52 -05:00
core sock_diag: Fix out-of-bounds access to sock_diag_handlers[] 2013-02-25 12:57:52 -08:00
dcb net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
dccp dccp: fix bug in sequence number validation during connection setup 2012-03-03 09:02:52 -07:00
decnet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
dns_resolver KEYS: Allow special keyrings to be cleared 2012-01-19 14:38:51 +11:00
dsa dsa: Move switch drivers to new directory drivers/net/dsa 2011-11-29 00:21:36 -05:00
econet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ethernet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ieee802154 6lowpan: add missing spin_lock_init() 2012-04-26 05:32:55 -04:00
ipv4 Merge commit 'v3.4.5' into android-3.4 2012-07-16 15:25:51 -07:00
ipv6 Merge commit 'v3.4.5' into android-3.4 2012-07-16 15:25:51 -07:00
ipx net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
irda Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
iucv net: remove skb_orphan_try() 2012-07-16 09:03:48 -07:00
key net/key/af_key.c: add missing kfree_skb 2012-04-13 11:01:44 -04:00
l2tp l2tp: fix a race in l2tp_ip_sendmsg() 2012-07-16 09:03:45 -07:00
lapb Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
llc llc: Fix race condition in llc_ui_recvmsg 2012-01-24 15:33:19 -05:00
mac80211 mac80211: fix queues stuck issue with HT bandwidth change 2012-07-16 09:04:40 -07:00
netfilter netfilter: xt_qtaguid: Allow tracking loopback 2013-02-06 18:02:29 -08:00
netlabel netlabel: use GFP flags from caller instead of GFP_ATOMIC 2012-03-22 19:29:57 -04:00
netlink af_netlink: force credentials passing [CVE-2012-3520] 2012-09-18 15:22:59 -07:00
netrom Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
nfc NFC: Prevent multiple buffer overflows in NCI 2012-07-16 09:03:50 -07:00
openvswitch openvswitch: checking wrong variable in queue_userspace_packet() 2012-05-13 15:47:34 -04:00
packet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
phonet phonet: Sort out initialization and cleanup code. 2012-04-13 11:01:43 -04:00
rds RDS: use gfp flags from caller in conn_alloc() 2012-03-22 19:29:58 -04:00
rfkill rfkill: Introduce CONFIG_RFKILL_PM and use instead of CONFIG_PM to power down 2012-04-09 13:57:48 -07:00
rose Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
rxrpc RxRPC: Fix kcalloc parameters swapped 2012-02-14 14:41:55 -05:00
sched netem: fix possible skb leak 2012-05-01 13:40:48 -04:00
sctp sctp: check cached dst before using it 2012-05-10 23:15:47 -04:00
sunrpc SUNRPC: move per-net operations from svc_destroy() 2012-07-16 09:04:39 -07:00
tipc tipc: Optimize setting of immutable payload message header fields 2012-02-29 11:45:35 -05:00
unix af_netlink: force credentials passing [CVE-2012-3520] 2012-09-18 15:22:59 -07:00
wanrouter wanrouter: Remove kernel_lock annotations 2011-11-07 13:27:30 -05:00
wimax net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
wireless Merge commit 'v3.4.5' into android-3.4 2012-07-16 15:25:51 -07:00
x25 net:x25: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xfrm ipv6: fix incorrect ipsec fragment 2012-06-10 00:36:15 +09:00
activity_stats.c net: activity_stats: Add statistics for network transmission activity 2012-04-09 13:57:50 -07:00
compat.c Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-03-29 18:12:23 -07:00
Kconfig net: Fix CONFIG_RPS option to be turned off 2012-04-09 13:57:51 -07:00
Makefile net: activity_stats: Add statistics for network transmission activity 2012-04-09 13:57:50 -07:00
nonet.c
socket.c tcp: tcp_sendpages() should call tcp_push() once 2012-04-05 19:04:27 -04:00
sysctl_net.c sysctl: Modify __register_sysctl_paths to take a set instead of a root and an nsproxy 2012-01-24 16:40:30 -08:00