lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230815095310.3310160-1-steffen.klassert@secunet.com>
Date: Tue, 15 Aug 2023 11:52:59 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>
CC: Herbert Xu <herbert@...dor.apana.org.au>, Steffen Klassert
	<steffen.klassert@...unet.com>, <netdev@...r.kernel.org>
Subject: [PATCH 0/11] pull request (net): ipsec 2023-08-15

1) Fix a slab-out-of-bounds read in xfrm_address_filter.
   From Lin Ma.

2) Fix the pfkey sadb_x_filter validation.
   From Lin Ma.

3) Use the correct nla_policy structure for XFRMA_SEC_CTX.
   From Lin Ma.

4) Fix warnings triggerable by bad packets in the encap functions.
   From Herbert Xu.

5) Fix some slab-use-after-free in decode_session6.
   From Zhengchao Shao.

6) Fix a possible NULL piointer dereference in xfrm_update_ae_params.
   Lin Ma.

7) Add a forgotten nla_policy for XFRMA_MTIMER_THRESH.
   From Lin Ma.

8) Don't leak offloaded policies.
   From Leon Romanovsky.

9) Delete also the offloading part of an acquire state.
   From Leon Romanovsky.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit 3a8a670eeeaa40d87bd38a587438952741980c18:

  Merge tag 'net-next-6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next (2023-06-28 16:43:10 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git tags/ipsec-2023-08-15

for you to fetch changes up to f3ec2b5d879ef5bbcb24678914641343cb6399a2:

  xfrm: don't skip free of empty state in acquire policy (2023-08-01 12:04:43 +0200)

----------------------------------------------------------------
ipsec-2023-08-15

----------------------------------------------------------------
Herbert Xu (1):
      xfrm: Silence warnings triggerable by bad packets

Leon Romanovsky (2):
      xfrm: delete offloaded policy
      xfrm: don't skip free of empty state in acquire policy

Lin Ma (5):
      net: xfrm: Fix xfrm_address_filter OOB read
      net: af_key: fix sadb_x_filter validation
      net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
      xfrm: add NULL check in xfrm_update_ae_params
      xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH

Zhengchao Shao (3):
      xfrm: fix slab-use-after-free in decode_session6
      ip6_vti: fix slab-use-after-free in decode_session6
      ip_vti: fix potential slab-use-after-free in decode_session6

 include/net/xfrm.h             |  1 +
 net/ipv4/ip_vti.c              |  4 ++--
 net/ipv6/ip6_vti.c             |  4 ++--
 net/key/af_key.c               |  4 ++--
 net/xfrm/xfrm_compat.c         |  2 +-
 net/xfrm/xfrm_input.c          | 22 +++++++++-------------
 net/xfrm/xfrm_interface_core.c |  4 ++--
 net/xfrm/xfrm_state.c          |  8 ++------
 net/xfrm/xfrm_user.c           | 15 +++++++++++++--
 9 files changed, 34 insertions(+), 30 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ