| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Jan 2024 19:49:12 +0000 From: Eric Dumazet <edumazet@...gle.com> To: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com> Cc: Matthieu Baerts <matttbe@...nel.org>, Mat Martineau <martineau@...nel.org>, Geliang Tang <geliang.tang@...ux.dev>, Florian Westphal <fw@...len.de>, netdev@...r.kernel.org, eric.dumazet@...il.com, Eric Dumazet <edumazet@...gle.com> Subject: [PATCH net 0/5] mptcp: better validation of MPTCPOPT_MP_JOIN option Based on a syzbot report (see 4th patch in the series). We need to be more explicit about which one of the following flag is set by mptcp_parse_option(): - OPTION_MPTCP_MPJ_SYN - OPTION_MPTCP_MPJ_SYNACK - OPTION_MPTCP_MPJ_ACK Then select the appropriate values instead of OPTIONS_MPTCP_MPJ Paolo suggested to do the same for OPTIONS_MPTCP_MPC (5th patch) Eric Dumazet (5): mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN mptcp: strict validation before using mp_opt->hmac mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() mptcp: refine opt_mp_capable determination net/mptcp/options.c | 6 +++--- net/mptcp/subflow.c | 16 ++++++++-------- 2 files changed, 11 insertions(+), 11 deletions(-) -- 2.43.0.275.g3460e3d667-goog
Powered by blists - more mailing lists