linux/net/ipv6 at v2.6.32.39 - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 20:32:04 +09:00

Files

History

Vasiliy Kulikov a41e7f1daf ipv6: netfilter: ip6_tables: fix infoleak to userspace

commit 6a8ab06077 upstream.

Structures ip6t_replace, compat_ip6t_replace, and xt_get_revision are
copied from userspace.  Fields of these structs that are
zero-terminated strings are not checked.  When they are used as argument
to a format string containing "%s" in request_module(), some sensitive
information is leaked to userspace via argument of spawned modprobe
process.

The first bug was introduced before the git epoch;  the second was
introduced in 3bc3fe5e (v2.6.25-rc1);  the third is introduced by
6b7d31fc (v2.6.15-rc1).  To trigger the bug one should have
CAP_NET_ADMIN.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

2011-04-14 16:53:37 -07:00

..

ipv6: netfilter: ip6_tables: fix infoleak to userspace

2011-04-14 16:53:37 -07:00

addrconf_core.c

[IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses.

2007-07-31 02:28:21 -07:00

addrconf.c

net: Fix sysctl restarts...

2010-03-15 08:49:38 -07:00

addrlabel.c

net: replace %p6 with %pI6

2008-10-29 12:52:50 -07:00

af_inet6.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

ah6.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

anycast.c

net: replace %#p6 format specifier with %pi6

2008-10-29 12:50:24 -07:00

datagram.c

netns xfrm: lookup in netns

2008-11-25 17:35:18 -08:00

esp6.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

exthdrs_core.c

[NET] IPV6: Fix whitespace errors.

2007-02-10 23:19:42 -08:00

exthdrs.c

ipv6: skb_dst() can be NULL in ipv6_hop_jumbo().

2010-01-18 10:19:52 -08:00

fib6_rules.c

net: Remove unused parameter from fill method in fib_rules_ops.

2009-05-20 17:26:23 -07:00

icmp.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

inet6_connection_sock.c

net: skb->dst accessors

2009-06-03 02:51:04 -07:00

inet6_hashtables.c

ipv6: don't use tw net when accounting for recycled tw

2009-02-26 03:35:13 -08:00

ip6_fib.c

xfrm: select sane defaults for xfrm[4|6] gc_thresh

2009-07-30 18:52:15 -07:00

ip6_flowlabel.c

ipv6: Disallow rediculious flowlabel option sizes.

2009-02-06 00:49:55 -08:00

ip6_input.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

ip6_output.c

ip: fix truesize mismatch in ip fragmentation

2010-10-28 21:44:08 -07:00

ip6_tunnel.c

ip6ip6: autoload ip6 tunnel

2011-03-14 14:30:00 -07:00

ip6mr.c

net: Make setsockopt() optlen be unsigned.

2009-09-30 16:12:20 -07:00

ipcomp6.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

ipv6_sockglue.c

net: Fix IP_MULTICAST_IF

2009-10-19 21:34:20 -07:00

Kconfig

trivial: Kconfig: .ko is normally not included in module names

2009-06-12 18:01:50 +02:00

Makefile

[IPV6] MROUTE: Support multicast forwarding.

2008-04-05 22:33:38 +09:00

mcast.c

bonding: remap muticast addresses without using dev_close() and dev_open()

2009-09-15 02:37:40 -07:00

mip6.c

ipv6: Use correct data types for ICMPv6 type and code

2009-06-23 04:31:07 -07:00

ndisc.c

Revert "sit: stateless autoconf for isatap"

2009-09-26 20:28:07 -07:00

netfilter.c

net: skb->dst accessors

2009-06-03 02:51:04 -07:00

proc.c

net: mark read-only arrays as const

2009-08-05 10:42:58 -07:00

protocol.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

raw.c

net: Make setsockopt() optlen be unsigned.

2009-09-30 16:12:20 -07:00

reassembly.c

ipv6: reassembly: use seperate reassembly queues for conntrack and local delivery

2010-01-06 15:04:39 -08:00

route.c

net: Fix IPv6 PMTU disc. w/ asymmetric routes

2010-10-28 21:44:08 -07:00

sit.c

net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules

2011-03-14 14:30:00 -07:00

syncookies.c

percpu: clean up percpu variable definitions

2009-06-24 15:13:48 +09:00

sysctl_net_ipv6.c

inet6: functions shadow global variable

2009-08-02 12:54:30 -07:00

tcp_ipv6.c

tcp: fix ssthresh u16 leftover

2009-09-15 01:30:10 -07:00

tunnel6.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

udp_impl.h

net: Make setsockopt() optlen be unsigned.

2009-09-30 16:12:20 -07:00

udp.c

net: fix sk_forward_alloc corruption

2009-10-30 12:25:12 -07:00

udplite.c

net: constify struct inet6_protocol

2009-09-14 17:03:05 -07:00

xfrm6_input.c

netns xfrm: per-netns MIBs

2008-11-25 17:59:52 -08:00

xfrm6_mode_beet.c

ipsec: Interfamily IPSec BEET, ipv4-inner ipv6-outer

2008-08-06 02:40:25 -07:00

xfrm6_mode_ro.c

[IPSEC]: Make x->lastused an unsigned long

2008-01-28 14:53:52 -08:00

xfrm6_mode_transport.c

[IPSEC]: Use IPv6 calling convention as the convention for x->mode->output

2007-10-10 16:55:54 -07:00

xfrm6_mode_tunnel.c

net: skb->dst accessors

2009-06-03 02:51:04 -07:00

xfrm6_output.c

net: skb->dst accessors

2009-06-03 02:51:04 -07:00

xfrm6_policy.c

xfrm6: Fix xfrm6_policy.c build when SYSCTL disabled.

2009-08-04 20:32:16 -07:00

xfrm6_state.c

ipv6: fix sparse warning: Using plain integer as NULL pointer

2009-02-21 23:37:10 -08:00

xfrm6_tunnel.c

ipv6: Use correct data types for ICMPv6 type and code

2009-06-23 04:31:07 -07:00