| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iKF+DFQQyNJoYA2U-wf4QDPOUG2yNOd8fSu45hQ+TxJ5Q@mail.gmail.com>
Date: Wed, 27 Aug 2025 09:12:09 -0700
From: Eric Dumazet <edumazet@...gle.com>
To: David Ahern <dsahern@...nel.org>
Cc: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, netdev@...r.kernel.org,
eric.dumazet@...il.com
Subject: Re: [PATCH net-next 1/3] inet: ping: check sock_net() in ping_get_port()
On Wed, Aug 27, 2025 at 7:50 AM David Ahern <dsahern@...nel.org> wrote:
>
> On 8/27/25 6:05 AM, Eric Dumazet wrote:
> > We need to check socket netns before considering them in ping_get_port().
> > Otherwise, one malicious netns could 'consume' all ports.
> >
> > Fixes: c319b4d76b9e ("net: ipv4: add IPPROTO_ICMP socket kind")
> > Signed-off-by: Eric Dumazet <edumazet@...gle.com>
> > ---
> > net/ipv4/ping.c | 12 ++++++++----
> > 1 file changed, 8 insertions(+), 4 deletions(-)
> >
>
> Reviewed-by: David Ahern <dsahern@...nel.org>
I will add in V2 this part as well, and will retain your tag.
diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
index accfc249f6ceb29805e3bbec25d0721d2563cb4f..b6b336dac961bbabbc30f7f7fb5fe41d2ee54125
100644
--- a/net/ipv4/ping.c
+++ b/net/ipv4/ping.c
@@ -181,6 +181,8 @@ static struct sock *ping_lookup(struct net *net,
struct sk_buff *skb, u16 ident)
}
sk_for_each_rcu(sk, hslot) {
+ if (!net_eq(sock_net(sk), net))
+ continue;
isk = inet_sk(sk);
pr_debug("iterate\n");
Powered by blists - more mailing lists