summaryrefslogtreecommitdiffstats
path: root/net/dcb
diff options
context:
space:
mode:
authorWander Lairson Costa <wander@redhat.com>2023-08-28 15:21:07 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2023-08-30 17:34:01 +0200
commit69c5d284f67089b4750d28ff6ac6f52ec224b330 (patch)
treed4d91ea8164ad38baed284615e8e720baacd5390 /net/dcb
parentnetfilter: xt_sctp: validate the flag_info count (diff)
downloadlinux-69c5d284f67089b4750d28ff6ac6f52ec224b330.tar.xz
linux-69c5d284f67089b4750d28ff6ac6f52ec224b330.zip
netfilter: xt_u32: validate user space input
The xt_u32 module doesn't validate the fields in the xt_u32 structure. An attacker may take advantage of this to trigger an OOB read by setting the size fields with a value beyond the arrays boundaries. Add a checkentry function to validate the structure. This was originally reported by the ZDI project (ZDI-CAN-18408). Fixes: 1b50b8a371e9 ("[NETFILTER]: Add u32 match") Cc: stable@vger.kernel.org Signed-off-by: Wander Lairson Costa <wander@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/dcb')
0 files changed, 0 insertions, 0 deletions