lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 23 Jul 2017 09:58:00 -0700 From: Pravin Shelar <pshelar@....org> To: Liping Zhang <zlpnobody@....com> Cc: "David S. Miller" <davem@...emloft.net>, Pravin Shelar <pshelar@...ira.com>, Linux Kernel Network Developers <netdev@...r.kernel.org>, Liping Zhang <zlpnobody@...il.com> Subject: Re: [PATCH net] openvswitch: fix potential out of bound access in parse_ct On Sun, Jul 23, 2017 at 2:52 AM, Liping Zhang <zlpnobody@....com> wrote: > From: Liping Zhang <zlpnobody@...il.com> > > Before the 'type' is validated, we shouldn't use it to fetch the > ovs_ct_attr_lens's minlen and maxlen, else, out of bound access > may happen. > > Fixes: 7f8a436eaa2c ("openvswitch: Add conntrack action") > Signed-off-by: Liping Zhang <zlpnobody@...il.com> Good catch! Acked-by: Pravin B Shelar <pshelar@....org>
Powered by blists - more mailing lists