linux/net at 322e31f2d47198dfd0f4e2b880cd1fbfa7a2931f - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-04-01 02:33:01 +09:00

Files

History

Mathias Krause 7bd46285b2 sock_diag: Fix out-of-bounds access to sock_diag_handlers[]

[ Upstream commit 6e601a5356 ]

Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY
with a family greater or equal then AF_MAX -- the array size of
sock_diag_handlers[]. The current code does not test for this
condition therefore is vulnerable to an out-of-bound access opening
doors for a privilege escalation.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2013-02-28 05:38:41 -08:00

..

virtio: 9p: correctly pass physical address to userspace for high pages

2012-10-22 18:19:36 +10:30

tokenring: delete all remaining driver support

2012-05-15 20:23:16 -04:00

8021q: fix vlan device to inherit the unicast filtering capability flag

2012-11-30 12:07:27 -05:00

userns: Print out socket uids in a user namespace aware fashion.

2012-08-14 21:48:06 -07:00

atm: use scnprintf() instead of sprintf()

2012-12-17 20:50:51 -08:00

userns: Convert net/ax25 to use kuid_t where appropriate

2012-08-14 21:49:42 -07:00

batman-adv: Fix NULL pointer dereference in DAT hash collision avoidance

2013-02-13 13:35:24 -05:00

Bluetooth: Fix hci_conn timeout routine

2013-01-31 15:38:02 -02:00

bridge: set priority of STP packets

2013-02-11 14:16:52 -05:00

caif_usb: Make the driver name check more efficient

2012-12-09 00:34:02 -05:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial

2012-12-13 12:00:02 -08:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client

2013-01-02 17:32:49 -08:00

sock_diag: Fix out-of-bounds access to sock_diag_handlers[]

2013-02-28 05:38:41 -08:00

net: Allow DCBnl to use other namespaces besides init_net

2012-12-10 14:09:01 -05:00

inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock

2012-12-14 13:14:07 -05:00

net: Push capable(CAP_NET_ADMIN) into the rtnl methods

2012-11-18 20:32:44 -05:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

2012-12-16 15:40:50 -08:00

dsa: Hide core config options; make drivers select what they need

2012-11-26 17:10:44 -05:00

ipx: move peII functions

2012-07-19 10:48:00 -07:00

6lowpan: consider checksum bytes in fragmentation threshold

2012-11-30 12:19:24 -05:00

tcp: fix SYN-data space mis-accounting

2013-02-28 05:38:41 -08:00

ipv6: fix race condition regarding dst->expires and dst->from.

2013-02-28 05:38:40 -08:00

userns: Print out socket uids in a user namespace aware fashion.

2012-08-14 21:48:06 -07:00

Merge tag 'tty-3.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

2012-12-11 14:08:47 -08:00

s390/irq: remove split irq fields from /proc/stat

2013-01-08 10:57:07 +01:00

net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm

2012-11-18 20:32:45 -05:00

l2tp: dont play with skb->truesize

2013-02-08 01:49:49 -05:00

lapb: Neaten debugging

2012-05-17 18:45:20 -04:00

net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm

2012-11-18 20:32:45 -05:00

mac80211: fix channel selection bug

2013-02-11 11:12:26 +01:00

mac802154: fix NOHZ local_softirq_pending 08 warning

2013-01-04 13:47:21 -08:00

ipvs: sctp: fix checksumming on snat and dnat handlers

2013-02-06 09:56:50 +09:00

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next

2012-10-02 13:38:27 -07:00

netlink: validate addr_len on bind

2012-12-17 20:50:51 -08:00

net: change return values from -EACCES to -EPERM

2012-09-21 13:58:08 -04:00

nfc: remove noisy message from llcp_sock_sendmsg

2012-12-13 12:58:10 -05:00

openvswitch: Move LRO check from transmit to receive.

2013-01-21 23:57:26 -08:00

packet: fix leakage of tx_ring memory

2013-02-03 16:15:23 -05:00

net: Push capable(CAP_NET_ADMIN) into the rtnl methods

2012-11-18 20:32:44 -05:00

IB/rds: suppress incompatible protocol when version is known

2012-12-26 15:17:37 -08:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial

2012-12-13 12:00:02 -08:00

net: Convert all sysctl registrations to register_net_sysctl

2012-04-20 21:22:30 -04:00

Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux

2012-10-14 13:39:34 -07:00

htb: fix values in opt dump

2013-02-12 18:51:11 -05:00

net, sctp: remove CONFIG_EXPERIMENTAL

2013-02-13 13:57:27 -05:00

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2013-02-09 07:55:24 +11:00

tipc: refactor accept() code for improved readability

2012-12-07 17:23:24 -05:00

net: Don't export sysctls to unprivileged users

2012-11-18 20:30:55 -05:00

wanmain: comparing array with NULL

2012-07-24 13:55:21 -07:00

net: cleanup unsigned to unsigned int

2012-04-15 12:44:40 -04:00

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem

2013-02-01 13:43:25 -05:00

net: Fix (nearly-)kernel-doc comments for various functions

2012-07-10 23:13:45 -07:00

xfrm: fix freed block size calculation in xfrm_policy_fini()

2013-01-21 06:50:04 +01:00

compat.c

make get_file() return its argument

2012-09-26 21:10:25 -04:00

Kconfig

net: Add INET dependency on aes crypto for the sake of TCP fastopen.

2012-09-04 14:20:14 -04:00

Makefile

ipv6: Preserve ipv6 functionality needed by NET

2012-11-18 02:34:00 -05:00

nonet.c

llseek: automatically add .llseek fop

2010-10-15 15:53:27 +02:00

socket.c

cgroup: net_cls: Rework update socket logic

2012-10-26 03:40:51 -04:00

sysctl_net.c

user_ns: get rid of duplicate code in net_ctl_permissions

2012-11-18 20:32:45 -05:00