lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <eac4294f-f7af-45bf-95f9-0163c67716e9@kernel.org>
Date: Thu, 22 Feb 2024 09:16:11 -0700
From: David Ahern <dsahern@...nel.org>
To: Eric Dumazet <edumazet@...gle.com>, "David S . Miller"
 <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>,
 Paolo Abeni <pabeni@...hat.com>
Cc: netdev@...r.kernel.org, eric.dumazet@...il.com,
 Christian Brauner <brauner@...nel.org>
Subject: Re: [PATCH net] ipv6: fix potential "struct net" leak in
 inet6_rtm_getaddr()

On 2/22/24 5:17 AM, Eric Dumazet wrote:
> It seems that if userspace provides a correct IFA_TARGET_NETNSID value
> but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()
> returns -EINVAL with an elevated "struct net" refcount.
> 
> Fixes: 6ecf4c37eb3e ("ipv6: enable IFA_TARGET_NETNSID for RTM_GETADDR")
> Signed-off-by: Eric Dumazet <edumazet@...gle.com>
> Cc: Christian Brauner <brauner@...nel.org>
> Cc: David Ahern <dsahern@...nel.org>
> ---
>  net/ipv6/addrconf.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 

Reviewed-by: David Ahern <dsahern@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ