| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170515110819.11847-1-tobias.jungel@bisdn.de>
Date: Mon, 15 May 2017 13:08:19 +0200
From: Tobias Jungel <tobias.jungel@...dn.de>
To: Stephen Hemminger <stephen@...workplumber.org>,
"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: [PATCH] bridge: netlink: check vlan_default_pvid range
Currently it is allowed to set the default pvid of a bridge to a value
above VLAN_VID_MASK (0xfff). This patch checks the passed pvid and
disables the pvid in case it is out of bounds.
Reproduce by calling:
[root@...t ~]# ip l a type bridge
[root@...t ~]# ip l a type dummy
[root@...t ~]# ip l s bridge0 type bridge vlan_filtering 1
[root@...t ~]# ip l s bridge0 type bridge vlan_default_pvid 9999
[root@...t ~]# ip l s dummy0 master bridge0
[root@...t ~]# bridge vlan
port vlan ids
bridge0 9999 PVID Egress Untagged
dummy0 9999 PVID Egress Untagged
---
net/bridge/br_vlan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
index b838213..e363d75 100644
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
@@ -820,7 +820,7 @@ int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
int err = 0;
unsigned long *changed;
- if (!pvid) {
+ if (!pvid || pvid >= VLAN_VID_MASK) {
br_vlan_disable_default_pvid(br);
return 0;
}
--
2.9.4
Powered by blists - more mailing lists