lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Mar 2014 20:15:45 +0100 From: Nikolay Aleksandrov <nikolay@...hat.com> To: Sasha Levin <sasha.levin@...cle.com>, fubar@...ibm.com, vfalico@...hat.com, andy@...yhouse.net CC: davem@...emloft.net, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] bonding: correctly handle out of range parameters for lp_interval On 03/06/2014 07:03 PM, Sasha Levin wrote: > We didn't correctly check cases where the value for lp_interval is not > within the legal range due to a missing table terminator. > > This would let userspace trigger a kernel panic by specifying a value out > of range: > > echo -1 > /sys/devices/virtual/net/bond0/bonding/lp_interval > > Introduced by commit "bonding: add infrastructure for an option API". > > Signed-off-by: Sasha Levin <sasha.levin@...cle.com> > --- > drivers/net/bonding/bond_options.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/drivers/net/bonding/bond_options.c b/drivers/net/bonding/bond_options.c > index 23f3655..4d35cdc 100644 > --- a/drivers/net/bonding/bond_options.c > +++ b/drivers/net/bonding/bond_options.c > @@ -124,6 +124,7 @@ static struct bond_opt_value bond_resend_igmp_tbl[] = { > static struct bond_opt_value bond_lp_interval_tbl[] = { > { "minval", 1, BOND_VALFLAG_MIN | BOND_VALFLAG_DEFAULT}, > { "maxval", INT_MAX, BOND_VALFLAG_MAX}, > + { NULL, -1, 0}, > }; > > static struct bond_option bond_opts[] = { > Thanks! One note though, the commit that introduces the problem is not that one. It's 4325b374f84e59226851636df946f2500d0bfeba ("bonding: convert lp_interval to use the new option API"), after that's corrected you can add my: Acked-by: Nikolay Aleksandrov <nikolay@...hat.com> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists