lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Apr 2018 21:11:22 -0400 (EDT) From: David Miller <davem@...emloft.net> To: g.nault@...halink.fr Cc: netdev@...r.kernel.org, jchapman@...alix.com Subject: Re: [PATCH net] l2tp: check sockaddr length in pppol2tp_connect() From: Guillaume Nault <g.nault@...halink.fr> Date: Mon, 23 Apr 2018 16:15:14 +0200 > Check sockaddr_len before dereferencing sp->sa_protocol, to ensure that > it actually points to valid data. > > Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") > Reported-by: syzbot+a70ac890b23b1bf29f5c@...kaller.appspotmail.com > Signed-off-by: Guillaume Nault <g.nault@...halink.fr> Applied and queued up for -stable. I guess you can completely remove the "bad socket address" -EINVAL else clause later in the function as a cleanup in net-next.
Powered by blists - more mailing lists