lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <161955781000.15707.777989471738202707.git-patchwork-notify@kernel.org>
Date:   Tue, 27 Apr 2021 21:10:10 +0000
From:   patchwork-bot+netdevbpf@...nel.org
To:     Linus Lüssing <linus.luessing@...3.blue>@ci.codeaurora.org
Cc:     netdev@...r.kernel.org, roopa@...dia.com, nikolay@...dia.com,
        kuba@...nel.org, davem@...emloft.net,
        bridge@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] net: bridge: mcast: fix broken length + header check for
 MRDv6 Adv.

Hello:

This patch was applied to netdev/net-next.git (refs/heads/master):

On Sun, 25 Apr 2021 17:27:35 +0200 you wrote:
> The IPv6 Multicast Router Advertisements parsing has the following two
> issues:
> 
> For one thing, ICMPv6 MRD Advertisements are smaller than ICMPv6 MLD
> messages (ICMPv6 MRD Adv.: 8 bytes vs. ICMPv6 MLDv1/2: >= 24 bytes,
> assuming MLDv2 Reports with at least one multicast address entry).
> When ipv6_mc_check_mld_msg() tries to parse an Multicast Router
> Advertisement its MLD length check will fail - and it will wrongly
> return -EINVAL, even if we have a valid MRD Advertisement. With the
> returned -EINVAL the bridge code will assume a broken packet and will
> wrongly discard it, potentially leading to multicast packet loss towards
> multicast routers.
> 
> [...]

Here is the summary with links:
  - [net] net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
    https://git.kernel.org/netdev/net-next/c/99014088156c

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ