| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Apr 2013 16:38:27 +0100 From: Ian Campbell <Ian.Campbell@...rix.com> To: Wei Liu <wei.liu2@...rix.com> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "xen-devel@...ts.xen.org" <xen-devel@...ts.xen.org>, "annie.li@...cle.com" <annie.li@...cle.com>, "konrad.wilk@...cle.com" <konrad.wilk@...cle.com>, "jbeulich@...e.com" <jbeulich@...e.com>, "wdauchy@...il.com" <wdauchy@...il.com>, David Vrabel <david.vrabel@...rix.com> Subject: Re: [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet On Fri, 2013-04-12 at 15:24 +0100, Wei Liu wrote: > Some frontend drivers are sending packets > 64 KiB in length. This length > overflows the length field in the first slot making the following slots have > an invalid length. > > Turn this error back into a non-fatal error by dropping the packet. To avoid > having the following slots having fatal errors, consume all slots in the > packet. > > This does not reopen the security hole in XSA-39 as if the packet as an > invalid number of slots it will still hit fatal error case. > > Signed-off-by: David Vrabel <david.vrabel@...rix.com> > Signed-off-by: Wei Liu <wei.liu2@...rix.com> Acked-by: Ian Campbell <ian.campbell@...rix.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists