lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Mar 2013 13:40:45 +0000 From: David Vrabel <david.vrabel@...rix.com> To: Wei Liu <wei.liu2@...rix.com> CC: Ian Campbell <Ian.Campbell@...rix.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "xen-devel@...ts.xen.org" <xen-devel@...ts.xen.org>, "annie.li@...cle.com" <annie.li@...cle.com>, "konrad.wilk@...cle.com" <konrad.wilk@...cle.com> Subject: Re: [Xen-devel] [PATCH 2/4] xen-netfront: drop skb when skb->len > 65535 On 18/03/13 14:19, Wei Liu wrote: > On Mon, 2013-03-18 at 14:00 +0000, David Vrabel wrote: >> On 18/03/13 13:48, Ian Campbell wrote: >>> On Mon, 2013-03-18 at 13:46 +0000, David Vrabel wrote: >>>> On 18/03/13 10:35, Wei Liu wrote: >>>>> The `size' field of Xen network wire format is uint16_t, anything bigger than >>>>> 65535 will cause overflow. >>>> >>>> The backend needs to be able to handle these bad packets without >>>> disconnecting the VIF -- we can't fix all the frontend drivers. >>> >>> Agreed, although that doesn't imply that we shouldn't fix the frontend >>> where we can -- such as upstream as Wei does here. >> >> Yes, frontends should be fixed where possible. >> >> This is what I came up with for the backend. I don't have time to look >> into it further but, Wei, feel free to use it as a starting point. >> > > Thanks for this patch. > > I haven't gone through XSA-39 discussion, this is why I didn't come up > with a fix for backend -- I need to make sure dropping packet like this > won't re-exhibit the security hole. How are these overlarge packets generated? How do you reproduce the issue? David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists