lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240206173844.30271-1-apanov@astralinux.ru>
Date: Tue,  6 Feb 2024 20:38:43 +0300
From: Alexey Panov <apanov@...ralinux.ru>
To: stable@...r.kernel.org,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Alexey Panov <apanov@...ralinux.ru>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Sasha Levin <sashal@...nel.org>,
	Kuniyuki Iwashima <kuniyu@...zon.com>,
	Mohamed Khalfella <mkhalfella@...estorage.com>,
	Pratyush Yadav <ptyadav@...zon.de>,
	Kees Cook <keescook@...omium.org>,
	Liang Chen <liangchen.linux@...il.com>,
	Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
	netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	lvc-project@...uxtesting.org
Subject: [PATCH 5.10/5.15/6.1 0/1] net: prevent mss overflow in skb_segment()

Syzkaller reports NULL pointer dereference issue at skb_segment()
in 5.10/5.15/6.1 stable releases. The problem has been fixed by
the following patch which can be cleanly applied to 5.10/5.15/6.1 branches.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ