| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 01 Jun 2012 11:09:43 +0800 From: Jason Wang <jasowang@...hat.com> To: David Miller <davem@...emloft.net> CC: netdev@...r.kernel.org, edumazet@...gle.com, mst@...hat.com, linux-kernel@...r.kernel.org, stable@...r.kernel.org Subject: Re: [V2 PATCH] net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() On 06/01/2012 06:21 AM, David Miller wrote: > From: Jason Wang<jasowang@...hat.com> > Date: Thu, 31 May 2012 15:18:10 +0800 > >> We need to validate the number of pages consumed by data_len, otherwise frags >> array could be overflowed by userspace. So this patch validate data_len and >> return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS. >> >> Signed-off-by: Jason Wang<jasowang@...hat.com> > Applied and queued up for -stable. > > Please do not add explicit stable CC:'s to networking patches, I queue > appropriate changes up myself, and submit them only when I feel that > the change has had sufficient exposure and testing in Linus's tree. Sure, would pay attention next time. > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists