search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 8391972) | patch
inet_diag: fix inet_diag_bc_audit()
commite892e8ae5702bff1eb6a7ba53d1daa7c9acdc88a
authorEric Dumazet <eric.dumazet@gmail.com>
Fri, 17 Jun 2011 20:25:39 +0000 (17 16:25 -0400)
committerAndi Kleen <ak@linux.intel.com>
Mon, 1 Aug 2011 20:54:58 +0000 (1 13:54 -0700)
tree6b786b1ce004d4bbd6de57df2a0421b0bd510f18tree | snapshot (tar.gz zip)
parent8391972fad7fa9ecce49fe70872ca7e3817361b9commit | diff
inet_diag: fix inet_diag_bc_audit()

[ Upstream commit eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d ]

A malicious user or buggy application can inject code and trigger an
infinite loop in inet_diag_bc_audit()

Also make sure each instruction is aligned on 4 bytes boundary, to avoid
unaligned accesses.

Reported-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andi Kleen <ak@linux.intel.com>
net/ipv4/inet_diag.c diff | blob | blame | history
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree