lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 2 Mar 2015 13:22:12 +0000
From:	One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>
To:	Jiri Slaby <jslaby@...e.cz>
Cc:	Dan Carpenter <dan.carpenter@...cle.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: potential corruption in synclink driver

> Yes and no :). In theory, the only line discipline which can handle
> large chunks is hdlc. That one limits the count to 4096 by default. But
> you are right, if someone sets maxframe in hdlc to the maximum value
> (65535) and won't set maxframe of synclinc, they will have a buffer
> overflow.
> 
> These two guys are so old and ugly, maybe unused, so that I don't even

They are still made, which puts them ahead of about 3/4 of the less
maintained crap under drivers/

> know if they are worth fixing. In the normal case (no maxframe override
> on commandline/module param), they should be safe.
> 
> Maybe we can drop the support to override by parameters...

Why do we care ? You have to be root to override the parameters anyway. If
you can set those values you can already compromise the box anyway you
feel fit. The problem is "if I am sufficiently expert to know about
obscure config options, have the privilege to set them and screw up
totally while using those privileges"

The options are important for certain special case uses where you have >
4K frame sizes. A check on oversize frames might not be a bad idea but I
don't think dropping it makes sense.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ