| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ff1c1622-a57c-471e-b41f-8fb4cb2f233d@redhat.com>
Date: Thu, 14 Nov 2024 12:10:05 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Jeongjun Park <aha310510@...il.com>, pablo@...filter.org,
kadlec@...filter.org
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
horms@...nel.org, kaber@...sh.net, netfilter-devel@...r.kernel.org,
coreteam@...filter.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org,
syzbot+58c872f7790a4d2ac951@...kaller.appspotmail.com
Subject: Re: [PATCH net v2] netfilter: ipset: add missing range check in
bitmap_ip_uadt
On 11/13/24 14:02, Jeongjun Park wrote:
> When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,
> the values of ip and ip_to are slightly swapped. Therefore, the range check
> for ip should be done later, but this part is missing and it seems that the
> vulnerability occurs.
>
> So we should add missing range checks and remove unnecessary range checks.
>
> Cc: <stable@...r.kernel.org>
> Reported-by: syzbot+58c872f7790a4d2ac951@...kaller.appspotmail.com
> Fixes: 72205fc68bd1 ("netfilter: ipset: bitmap:ip set type support")
> Signed-off-by: Jeongjun Park <aha310510@...il.com>
@Pablo, @Jozsef: despite the subj prefix, I guess this should go via
your tree. Please LMK if you prefer otherwise.
Cheers,
Paolo
Powered by blists - more mailing lists