lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Aug 2020 10:05:16 -0600 From: David Ahern <dsahern@...il.com> To: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>, syzbot <syzbot+a61aa19b0c14c8770bd9@...kaller.appspotmail.com>, davem@...emloft.net, kuba@...nel.org, kuznet@....inr.ac.ru, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, syzkaller-bugs@...glegroups.com, yoshfuji@...ux-ipv6.org Subject: Re: general protection fault in fib_dump_info (2) On 8/21/20 10:00 AM, Nikolay Aleksandrov wrote: > > This seems like a much older bug to me, the code allows to pass 0 groups > and > thus we end up without any nh_grp_entry pointers. I reproduced it with a > modified iproute2 that sends an empty NHA_GROUP and then just uses the new > nexthop in any way (e.g. add a route with it). This is the same bug as the > earlier report for: "general protection fault in fib_check_nexthop" hmmm.... empty NHA_GROUP should not be allowed. > > I have a patch but I'll be able to send it tomorrow. > thanks.
Powered by blists - more mailing lists