| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Mar 2022 21:31:23 -0400 From: "Jason A. Donenfeld" <Jason@...c4.com> To: netdev@...r.kernel.org, davem@...emloft.net, kuba@...nel.org Cc: "Jason A. Donenfeld" <Jason@...c4.com> Subject: [PATCH net 0/4] wireguard patches for 5.18-rc1 Hi Dave/Jakub, Here's a small set of fixes for the next net push: 1) Pipacs reported a CFI violation in a cleanup routine, which he triggered using grsec's RAP. I haven't seen reports of this yet from the Android/CFI world yet, but it's only a matter of time there. 2) A small rng cleanup to the self test harness to make it initialize faster on 5.18. 3) Wang reported and fixed a skb leak for CONFIG_IPV6=n. 4) After Wang's fix for the direct leak, I investigated how that code path even could be hit, and found that the netlink layer still handles IPv6 endpoints, when it probably shouldn't. The relevant commits have stable@ and fixes tags. Thanks, Jason Jason A. Donenfeld (3): wireguard: queueing: use CFI-safe ptr_ring cleanup function wireguard: selftests: simplify RNG seeding wireguard: socket: ignore v6 endpoints when ipv6 is disabled Wang Hai (1): wireguard: socket: free skb in send6 when ipv6 is disabled drivers/net/wireguard/queueing.c | 3 ++- drivers/net/wireguard/socket.c | 5 ++-- tools/testing/selftests/wireguard/qemu/init.c | 26 +++++-------------- 3 files changed, 12 insertions(+), 22 deletions(-) -- 2.35.1
Powered by blists - more mailing lists