lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Jan 2017 13:01:44 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Frank Kellermann <frank.kellermann@...s.net>, David Ahern <dsa@...ulusnetworks.com>, "David S. Miller" <davem@...emloft.net> Subject: [PATCH 4.9 37/59] net: vrf: do not allow table id 0 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: David Ahern <dsa@...ulusnetworks.com> [ Upstream commit 24c63bbc18e25d5d8439422aa5fd2d66390b88eb ] Frank reported that vrf devices can be created with a table id of 0. This breaks many of the run time table id checks and should not be allowed. Detect this condition at create time and fail with EINVAL. Fixes: 193125dbd8eb ("net: Introduce VRF device driver") Reported-by: Frank Kellermann <frank.kellermann@...s.net> Signed-off-by: David Ahern <dsa@...ulusnetworks.com> Signed-off-by: David S. Miller <davem@...emloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- drivers/net/vrf.c | 2 ++ 1 file changed, 2 insertions(+) --- a/drivers/net/vrf.c +++ b/drivers/net/vrf.c @@ -1239,6 +1239,8 @@ static int vrf_newlink(struct net *src_n return -EINVAL; vrf->tb_id = nla_get_u32(data[IFLA_VRF_TABLE]); + if (vrf->tb_id == RT_TABLE_UNSPEC) + return -EINVAL; dev->priv_flags |= IFF_L3MDEV_MASTER;
Powered by blists - more mailing lists