| commit | 300a7b4c1e3bbb3bd5e5db9af0a059f521f00789 | |
| author | Ben Hutchings <bhutchings@solarflare.com> | |
| Mon, 28 Jun 2010 08:44:07 +0000 (28 08:44 +0000) | ||
| committer | Greg Kroah-Hartman <gregkh@suse.de> | |
| Mon, 2 Aug 2010 17:26:39 +0000 (2 10:26 -0700) | ||
| tree | 02ffa7dddb69eca0be710f85080f575fabd71c28 | treesnapshot (tar.gz zip) |
| parent | 43e8821dcc7371661dc7f2afa99dd81555cb99ab | commitdiff |
ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL
commit db048b69037e7fa6a7d9e95a1271a50dc08ae233 upstream.
On a 32-bit machine, info.rule_cnt >= 0x40000000 leads to integer
overflow and the buffer may be smaller than needed. Since
ETHTOOL_GRXCLSRLALL is unprivileged, this can presumably be used for at
least denial of service.
Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
commit db048b69037e7fa6a7d9e95a1271a50dc08ae233 upstream.
On a 32-bit machine, info.rule_cnt >= 0x40000000 leads to integer
overflow and the buffer may be smaller than needed. Since
ETHTOOL_GRXCLSRLALL is unprivileged, this can presumably be used for at
least denial of service.
Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| net/core/ethtool.c | diffblobblamehistory |