lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 Jan 2021 11:44:18 +0100 From: Guillaume Nault <gnault@...hat.com> To: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org> Cc: netdev@...r.kernel.org, Paolo Abeni <pabeni@...hat.com>, Florian Westphal <fw@...len.de>, Pablo Neira Ayuso <pablo@...filter.org>, Jozsef Kadlecsik <kadlec@...filter.org> Subject: [PATCH net 0/2] ipv4: Ensure ECN bits don't influence source address validation Functions that end up calling fib_table_lookup() should clear the ECN bits from the TOS, otherwise ECT(0) and ECT(1) packets can be treated differently. Most functions already clear the ECN bits, but there are a few cases where this is not done. This series only fixes the ones related to source address validation. Guillaume Nault (2): udp: mask TOS bits in udp_v4_early_demux() netfilter: rpfilter: mask ecn bits before fib lookup net/ipv4/netfilter/ipt_rpfilter.c | 2 +- net/ipv4/udp.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) -- 2.21.3
Powered by blists - more mailing lists