shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-10 04:48:04 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
v2.6.32.42
linux/net/irda
History
Dan Rosenberg 9d880cedb1 irda: prevent integer underflow in IRLMP_ENUMDEVICES 
commit fdac1e0697 upstream.

If the user-provided len is less than the expected offset, the
IRLMP_ENUMDEVICES getsockopt will do a copy_to_user() with a very large
size value.  While this isn't be a security issue on x86 because it will
get caught by the access_ok() check, it may leak large amounts of kernel
heap on other architectures.  In any event, this patch fixes it.

Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Moritz Muehlenhoff <jmm@debian.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-04-14 16:53:54 -07:00
..
ircomm
headers: remove sched.h from interrupt.h
2009-10-11 11:20:58 -07:00
irlan
irda: off by one
2010-09-20 13:17:52 -07:00
irnet
irda: prevent heap corruption on invalid nickname
2011-04-14 16:53:25 -07:00
af_irda.c
irda: prevent integer underflow in IRLMP_ENUMDEVICES
2011-04-14 16:53:54 -07:00
discovery.c
irda: Fix a misalign access issue. (v2)
2008-05-13 23:25:57 -07:00
irda_device.c
irda: net_device_ops ioctl fix
2009-03-21 19:19:14 -07:00
iriap_event.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00
iriap.c
irda: validate peer name and attribute lengths
2011-04-14 16:53:25 -07:00
irias_object.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00
irlap_event.c
net: mark read-only arrays as const
2009-08-05 10:42:58 -07:00
irlap_frame.c
irda: Use SKB queue and list helpers instead of doing it by-hand.
2009-05-28 23:26:33 -07:00
irlap.c
net: mark read-only arrays as const
2009-08-05 10:42:58 -07:00
irlmp_event.c
net: mark read-only arrays as const
2009-08-05 10:42:58 -07:00
irlmp_frame.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00
irlmp.c
irda: Fix a misalign access issue. (v2)
2008-05-13 23:25:57 -07:00
irmod.c
net: convert usage of packet_type to read_mostly
2009-03-10 05:22:43 -07:00
irnetlink.c
genetlink: make netns aware
2009-07-12 14:03:27 -07:00
irproc.c
net: file_operations should be const
2009-09-02 01:03:53 -07:00
irqueue.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00
irsysctl.c
sysctl: remove "struct file *" argument of ->proc_handler
2009-09-24 07:21:04 -07:00
irttp.c
net: irda: init spinlock after memcpy
2009-07-27 10:49:44 -07:00
Kconfig
[S390] Kconfig: unwanted menus for s390.
2007-05-10 15:46:07 +02:00
Makefile
[IrDA]: Netlink layer.
2007-07-10 22:16:43 -07:00
parameters.c
irda: Fix parameter extraction stack overflow
2010-12-09 13:26:32 -08:00
qos.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00
timer.c
net: Make static
2008-12-10 15:18:31 -08:00
wrapper.c
net: replace remaining __FUNCTION__ occurrences
2008-03-05 20:47:47 -08:00