| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <SJ0PR18MB52163C04ECCF817B3F99B58CDB87A@SJ0PR18MB5216.namprd18.prod.outlook.com>
Date: Sun, 3 Dec 2023 15:18:52 +0000
From: Suman Ghosh <sumang@...vell.com>
To: Shigeru Yoshida <syoshida@...hat.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"dsahern@...nel.org" <dsahern@...nel.org>,
"edumazet@...gle.com" <edumazet@...gle.com>,
"kuba@...nel.org" <kuba@...nel.org>,
"pabeni@...hat.com" <pabeni@...hat.com>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [EXT] [PATCH net v2] ipv4: ip_gre: Avoid skb_pull() failure in
ipgre_xmit()
>In ipgre_xmit(), skb_pull() may fail even if pskb_inet_may_pull()
>returns true. For example, applications can use PF_PACKET to create a
>malformed packet with no IP header. This type of packet causes a problem
>such as uninit-value access.
>
>This patch ensures that skb_pull() can pull the required size by
>checking the skb with pskb_network_may_pull() before skb_pull().
>
>Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
>Signed-off-by: Shigeru Yoshida <syoshida@...hat.com>
>---
Reviewed-by: Suman Ghosh <sumang@...vell.com>
>v1 -> v2:
>- Change the title
>- Update the code with Eric's suggestion
>
Powered by blists - more mailing lists