FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 07-11-2012, 08:03 PM
Herton Ronaldo Krzesinski
 
Default Ack: net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()

The hardy patch doesn't touch openvz, but as mentioned the code on it is
different.

--
[]'s
Herton

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 07-11-2012, 08:42 PM
Seth Forshee
 
Default Ack: net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()

On Wed, Jul 11, 2012 at 12:42:11PM -0700, Brad Figg wrote:
> CVE-2012-2136
>
> BugLink: http://bugs.launchpad.net/bugs/1006622
>
> We need to validate the number of pages consumed by data_len, otherwise frags
> array could be overflowed by userspace. So this patch validate data_len and
> return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS.
>
> Jason Wang (1):
> net: sock: validate data_len before allocating skb in
> sock_alloc_send_pskb()
>
> net/core/sock.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> --
> 1.7.9.5
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 10:31 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org