lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 05 Mar 2020 12:00:27 -0800 (PST) From: David Miller <davem@...emloft.net> To: edumazet@...gle.com Cc: netdev@...r.kernel.org, eric.dumazet@...il.com, syzkaller@...glegroups.com Subject: Re: [PATCH net] slip: make slhc_compress() more robust against malicious packets From: Eric Dumazet <edumazet@...gle.com> Date: Wed, 4 Mar 2020 15:51:43 -0800 > Before accessing various fields in IPV4 network header > and TCP header, make sure the packet : > > - Has IP version 4 (ip->version == 4) > - Has not a silly network length (ip->ihl >= 5) > - Is big enough to hold network and transport headers > - Has not a silly TCP header size (th->doff >= sizeof(struct tcphdr) / 4) > > syzbot reported : ... > Fixes: b5451d783ade ("slip: Move the SLIP drivers") > Signed-off-by: Eric Dumazet <edumazet@...gle.com> > Reported-by: syzbot <syzkaller@...glegroups.com> Applied and queued up for -stable, thanks.
Powered by blists - more mailing lists