| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Aug 2013 10:50:52 -0300 From: Werner Almesberger <werner@...esberger.net> To: netdev@...r.kernel.org Subject: [PATCH net-next 0/2] icmpv6_filter: correct minimum ICMPv6 message size These two patches correct the minimum ICMPv6 message size enforced by net/ipv6/raw.c:icmpv6_filter The first patch corrects a type error. Because of the error, ICMPv6 raw sockets on 32 bit systems accepted ICMPv6 messages as small as 4 bytes, while 64 bit systems required at least 8 bytes. The second patch reduces the amount of data we require from eight (i.e., the ICMPv6 header plus four bytes of message body) to four bytes. This is needed for protocols like RPL (RFC 6550) that use ICMPv6 messages with bodies smaller than four bytes. Note that applications that assume that the kernel will not pass such short ICMPv6 messages on raw sockets may misbehave on 64 bit systems after applying these patches. However, even if such applications exist, they would already have that vulnerability on 32 bit systems. - Werner Werner Almesberger (2): icmpv6_filter: fix "_hdr" incorrectly being a pointer icmpv6_filter: allow ICMPv6 messages with bodies < 4 bytes net/ipv6/raw.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) -- 1.8.1.2 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists