netfilter: x_tables: fix pointer leaks to userspace - kernel/linux.git

diff options

author	Dmitry Vyukov <dvyukov@google.com>	2018-01-29 15:21:20 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-01-31 16:59:24 +0300
commit	1e98ffea5a8935ec040ab72299e349cb44b8defd (patch)
tree	512f7e462d332f478c0e3459ca1794abc0c32a9d /net/socket.c
parent	0b8d9073539e217f79ec1bff65eb205ac796723d (diff)
download	linux-1e98ffea5a8935ec040ab72299e349cb44b8defd.tar.xz

netfilter: x_tables: fix pointer leaks to userspace

Several netfilter matches and targets put kernel pointers into info objects, but don't set usersize in descriptors. This leads to kernel pointer leaks if a match/target is set and then read back to userspace. Properly set usersize for these matches/targets. Found with manual code inspection. Fixes: ec2318904965 ("xtables: extend matches and targets with .usersize") Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/socket.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: