| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 May 2018 12:23:24 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: David Miller <davem@...emloft.net>
CC: Herbert Xu <herbert@...dor.apana.org.au>,
Steffen Klassert <steffen.klassert@...unet.com>,
<netdev@...r.kernel.org>
Subject: pull request (net): ipsec 2018-05-31
1) Avoid possible overflow of the offset variable
in _decode_session6(), this fixes an infinite
lookp there. From Eric Dumazet.
2) We may use an error pointer in the error path of
xfrm_bundle_create(). Fix this by returning this
pointer directly to the caller.
Please pull or let me know if there are problems.
Thanks!
The following changes since commit 2c5d5b13c6eb79f5677e206b8aad59b3a2097f60:
llc: better deal with too small mtu (2018-05-08 00:11:40 -0400)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master
for you to fetch changes up to 38369f54d97dd7dc50c73a2797bfeb53c2e87d2d:
xfrm Fix potential error pointer dereference in xfrm_bundle_create. (2018-05-31 09:53:04 +0200)
----------------------------------------------------------------
Eric Dumazet (1):
xfrm6: avoid potential infinite loop in _decode_session6()
Steffen Klassert (1):
xfrm Fix potential error pointer dereference in xfrm_bundle_create.
net/ipv6/xfrm6_policy.c | 2 +-
net/xfrm/xfrm_policy.c | 5 ++---
2 files changed, 3 insertions(+), 4 deletions(-)
Powered by blists - more mailing lists