| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA++eYdtOendgSVix0aibj_Ykd=7td4ac3z9Zz1c_p67Xy3bWYw@mail.gmail.com> Date: Thu, 30 Jul 2015 22:26:08 +0200 From: Kenneth Klette Jonassen <kennetkl@....uio.no> To: sbohrer@...advisors.com, netdev <netdev@...r.kernel.org> Cc: Yurij.Plotnikov@...etlabs.ru, David Miller <davem@...emloft.net>, Ståle Kristoffersen <stalk@...dgetech.tv> Subject: Re: ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() Commit 6e54030 breaks the IP_MULTICAST_ALL socket option. There is already a check in ip_mc_sf_allow() that should do the filtering you claim to fix. Was it considered? Commit message: 421b3885bf6d56391297844f43fb7154a6396e12 "udp: ipv4: Add udp early demux" introduced a regression that allowed sockets bound to INADDR_ANY to receive packets from multicast groups that the socket had not joined... man ip(7): IP_MULTICAST_ALL (since Linux 2.6.31) This option can be used to modify the delivery policy of multicast messages to sockets bound to the wildcard INADDR_ANY address. The argument is a boolean integer (defaults to 1). If set to 1, the socket will receive messages from all the groups that have been joined globally on the whole system. Otherwise, it will deliver messages only from the groups that have been explicitly joined… -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists