lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 25 Jun 2019 21:59:12 +0200
From:   Stefano Brivio <sbrivio@...hat.com>
To:     David Miller <davem@...emloft.net>
Cc:     ssuryaextr@...il.com, netdev@...r.kernel.org, dsahern@...il.com
Subject: Re: [PATCH net] ipv4: Use return value of inet_iif() for
 __raw_v4_lookup in the while loop

On Tue, 25 Jun 2019 12:47:38 -0700 (PDT)
David Miller <davem@...emloft.net> wrote:

> From: Stephen Suryaputra <ssuryaextr@...il.com>
> Date: Mon, 24 Jun 2019 20:14:06 -0400
> 
> > In commit 19e4e768064a8 ("ipv4: Fix raw socket lookup for local
> > traffic"), the dif argument to __raw_v4_lookup() is coming from the
> > returned value of inet_iif() but the change was done only for the first
> > lookup. Subsequent lookups in the while loop still use skb->dev->ifIndex.
> > 
> > Signed-off-by: Stephen Suryaputra <ssuryaextr@...il.com>  
> 
> Applied and queued up for -stable.
> 
> I added the appropriate Fixes: tag, please do so next time.

I was about to point that out, but then I noticed that this
doesn't actually fix 19e4e768064a8 ("ipv4: Fix raw socket lookup for
local traffic"), it's just related as it fixes the same issue in
another (very likely) path in the same function.

I think this should have been:
	Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")

I *guess* for -stable purposes the effect is the same.

-- 
Stefano

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ