summaryrefslogtreecommitdiff
path: root/net/ipv4/syncookies.c
diff options
context:
space:
mode:
authorBen Hutchings <bhutchings@solarflare.com>2010-09-07 08:35:19 +0400
committerDavid S. Miller <davem@davemloft.net>2010-09-09 01:01:52 +0400
commitee9c5cfad29c8a13199962614b9b16f1c4137ac9 (patch)
tree12c53593c04b2c443029fe1a4b64393b3e6e92b9 /net/ipv4/syncookies.c
parent6523ce1525e88c598c75a1a6b8c4edddfa9defe8 (diff)
downloadlinux-ee9c5cfad29c8a13199962614b9b16f1c4137ac9.tar.xz
niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL
niu_get_ethtool_tcam_all() assumes that its output buffer is the right size, and warns before returning if it is not. However, the output buffer size is under user control and ETHTOOL_GRXCLSRLALL is an unprivileged ethtool command. Therefore this is at least a local denial-of-service vulnerability. Change it to check before writing each entry and to return an error if the buffer is already full. Compile-tested only. Signed-off-by: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/syncookies.c')
0 files changed, 0 insertions, 0 deletions