| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1459850188.18188.38.camel@sipsolutions.net> Date: Tue, 05 Apr 2016 11:56:28 +0200 From: Johannes Berg <johannes@...solutions.net> To: Dmitrijs Ivanovs <dmitrijs.ivanovs@...t.com>, linux-wireless@...r.kernel.org Cc: netdev <netdev@...r.kernel.org>, samuel <samuel@...tiz.org>, Pablo Neira Ayuso <pablo@...filter.org>, Thomas Graf <tgraf@...g.ch> Subject: NETLINK_URELEASE non-bound socket problem (was: [PATCH] Fix local DoS in cfg80211 subsystem) Hi Dmitrijs, Thanks for reporting this problem. > The patch below corrects this problem in kernel space. I don't think that this is correct, there are four more users of NETLINK_URELEASE (nfnetlink, NFC), and afaict all of them have the same bug as nl80211. Rather than fix all of them, I think we should simply not report NETLINK_URELEASE for netlink sockets that weren't bound; if any user comes up that requires them later we could add a new event instead. I can't find what commit introduced this code, it goes back before git history, so I don't have the commit log. Maybe it was done for nfnetlink log/queue? Certainly both nl80211 and NFC are much newer. > Also, it is > recommended to ensure that user-space applications are not using > user-supplied port_id for netlink sockets (which is default in > libnl-tiny for example). This I think we should remove from the commit log - it's misleading and there's no point. johannes
Powered by blists - more mailing lists