| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1663628505.git.jtoppins@redhat.com> Date: Mon, 19 Sep 2022 19:08:44 -0400 From: Jonathan Toppins <jtoppins@...hat.com> To: "netdev @ vger . kernel . org" <netdev@...r.kernel.org> Subject: [PATCH net 0/2] bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial mode != zero (Round Robin) the memory required for the counter is never created and when the mode is changed there is never any attempt to verify the memory is allocated upon switching modes. The first patch provides a selftest to demonstrate the issue and the second patch fixes the issue. Jonathan Toppins (2): selftests: bonding: cause oops in bond_rr_gen_slave_id bonding: fix NULL deref in bond_rr_gen_slave_id drivers/net/bonding/bond_main.c | 15 +++--- .../selftests/drivers/net/bonding/Makefile | 3 +- .../bonding/bond-arp-interval-causes-panic.sh | 48 +++++++++++++++++++ 3 files changed, 56 insertions(+), 10 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh -- 2.31.1
Powered by blists - more mailing lists