| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Oct 2007 10:31:08 +0200
From: Anton Arapov <aarapov@...hat.com>
To: "Denis V. Lunev" <den@...ru>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH] ipv4: kernel panic when only one unsecured port available
"Denis V. Lunev" <den@...ru> writes:
> Anton Arapov wrote:
>> "Denis V. Lunev" <den@...ru> writes:
>>> This code is broken from the very beginning.
>>>
>>> iris den # cat /proc/sys/net/ipv4/ip_local_port_range
>>> 32768 61000
>>> iris den # echo 32768 32 >/proc/sys/net/ipv4/ip_local_port_range
>>> iris den # cat /proc/sys/net/ipv4/ip_local_port_range
>>> 32768 32
>>> iris den # echo 32768 61000 >/proc/sys/net/ipv4/ip_local_port_range
>>
>> If you're talking about checks in sysctl, I believe it should be
>> another patch for sysctl only, and I'm going to push it via -mm tree.
>>
>> the devision by zero exists in inet_connection_socket.c, and must be
>> fixed for sure because the situation with the same min and max port
>> numbers in sysctl are possible and not prohibited.
>>
>> Cheers!
>
> your patch change nothing :( unfortunately. If I set '32768 32767' it
> will oops again.
Patch prevents the system crash. System traps on division by zero.
Your case(MAX<MIN) must be handled by sysctl. Do you want to say
that I have to join patch for sysctl.c to this one? It's bad idea.
--
Anton Arapov, <aarapov@...hat.com>
Kernel Development, Red Hat
GPG Key ID: 0x6FA8C812
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists