Date:	Mon, 25 Mar 2013 11:47:17 +0000
From:	David Vrabel <david.vrabel@...rix.com>
To:	Wei Liu <wei.liu2@...rix.com>
CC:	"xen-devel@...ts.xen.org" <xen-devel@...ts.xen.org>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	Ian Campbell <Ian.Campbell@...rix.com>,
	"annie.li@...cle.com" <annie.li@...cle.com>,
	"konrad.wilk@...cle.com" <konrad.wilk@...cle.com>
Subject: Re: [PATCH 6/6] xen-netback: don't disconnect frontend when seeing
 oversize frame

On 25/03/13 11:08, Wei Liu wrote:
> Some buggy frontends may generate frames larger than 64 KiB. We should
> aggressively consume all slots and drop the packet instead of disconnecting the
> frontend.

The following is the changeset description I wrote internally.  It's a
bit more descriptive.

Apologies for not sending out a proper patch in the first place.

"Some frontend drivers are sending packets >= 64 KiB in length.  This
length overflows the length field in the first frag making the
following frags have an invalid length ("Frag is bigger than frame").

Turn this error back into a non-fatal error by dropping the packet.
To avoid having the following frags having fatal errors, consume all
frags in the packet.

This does not reopen the security hole as if the packet has an invalid
number of frags it will still hit this fatal error case."

David
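
Added example, not part of the original message and not the xen-netback code: a simplified C model of the behaviour the changeset description lays out, where a frame length that wraps in a 16-bit field makes a later frag look oversize (drop, but keep consuming slots) while a bad frag count stays fatal. The names MORE_DATA, MAX_FRAGS, walk_packet and classify, the limit of 18 frags and the 4 KiB frag size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MORE_DATA 1u  /* hypothetical stand-in for the "more slots follow" flag */
#define MAX_FRAGS 18  /* assumed per-packet frag limit; the message gives no number */
struct slot { uint16_t size; uint16_t flags; };  /* 16-bit length field */
enum verdict { PKT_OK, PKT_DROP, PKT_FATAL };

/* Walk one packet: s[0].size is the whole-frame length, s[1..] are the frags. */
static enum verdict walk_packet(const struct slot *s, size_t avail, size_t *consumed)
{
    uint16_t remaining = s[0].size;
    enum verdict v = PKT_OK;
    size_t n = 0;                        /* frags examined so far */
    while (s[n].flags & MORE_DATA) {
        if (n + 1 >= avail || n >= MAX_FRAGS) {  /* bad frag count: still fatal */
            *consumed = n + 1;
            return PKT_FATAL;
        }
        n++;
        if (s[n].size > remaining)       /* "Frag is bigger than frame" */
            v = PKT_DROP;                /* non-fatal: keep consuming slots */
        else
            remaining -= s[n].size;
    }
    *consumed = n + 1;                   /* first slot plus every frag */
    return v;
}

/* Constructed input: a frame of frame_len bytes sent as nfrags frags of 4 KiB. */
static enum verdict classify(uint32_t frame_len, size_t nfrags, size_t *consumed)
{
    struct slot s[64] = {{0, 0}};
    s[0].size = (uint16_t)frame_len;     /* a length >= 64 KiB wraps here */
    for (size_t i = 1; i <= nfrags && i < 64; i++) {
        s[i].size = 4096;
        s[i - 1].flags = MORE_DATA;
    }
    return walk_packet(s, 64, consumed);
}

int main(void)
{
    size_t used;
    enum verdict v = classify(70000, 17, &used);  /* oversize frame */
    printf("verdict=%d slots_consumed=%zu\n", (int)v, used);
    return 0;
}
```

Because the dropped packet's slots are all consumed, the next packet is parsed from its own first slot instead of from a leftover frag.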