linux/drivers/net
Jan Beulich 780e83c259 xen-netback: fix input validation in xenvif_set_hash_mapping()
Both len and off are frontend specified values, so we need to make
sure there's no overflow when adding the two for the bounds check. We
also want to avoid undefined behavior and hence use off to index into
->hash.mapping[] only after bounds checking. This at the same time
allows to take care of not applying off twice for the bounds checking
against vif->num_queues.

It is also insufficient to bounds check copy_op.len, as this is len
truncated to 16 bits.

This is XSA-270 / CVE-2018-15471.

Reported-by: Felix Wilhelm <fwilhelm@google.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
Tested-by: Paul Durrant <paul.durrant@citrix.com>
Cc: stable@vger.kernel.org [4.7 onwards]
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-09-25 10:39:34 -07:00
appletalk net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT 2018-09-13 10:35:57 -07:00
arcnet
bonding bonding: use netpoll_poll_dev() helper 2018-09-23 21:55:24 -07:00
caif
can Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
dsa net: dsa: mv88e6xxx: Fix ATU Miss Violation 2018-09-17 08:03:53 -07:00
ethernet net: macb: Clean 64b dma addresses if they are not detected 2018-09-25 10:33:52 -07:00
fddi
fjes fjes: use currently unused variable my_epid and max_epid 2018-07-05 19:34:21 +09:00
hamradio net/hamradio/6pack: remove redundant variable channel 2018-07-05 19:34:45 +09:00
hippi
hyperv hv_netvsc: pair VF based on serial number 2018-09-17 07:59:41 -07:00
ieee802154 ieee802154: hwsim: using right kind of iteration 2018-08-14 09:58:57 -07:00
ipvlan
netdevsim Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
phy sfp: fix oops with ethtool -m 2018-09-18 20:14:19 -07:00
plip
ppp pppoe: fix reception of frames with no mac header 2018-09-17 07:50:26 -07:00
slip
team team: Publish team_port_get_rcu() 2018-07-11 23:10:19 -07:00
usb qmi_wwan: set DTR for modems in forced USB2 mode 2018-09-17 19:23:27 -07:00
vmxnet3
wan Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-05 13:04:31 -07:00
wimax wimax: usb-tx: mark expected switch fall-through 2018-08-11 11:29:36 -07:00
wireless Here are quite a large number of fixes, notably: 2018-09-03 22:12:02 -07:00
xen-netback xen-netback: fix input validation in xenvif_set_hash_mapping() 2018-09-25 10:39:34 -07:00
Kconfig
LICENSE.SRC
Makefile
Space.c
dummy.c
eql.c
geneve.c
gtp.c gtp: constify nla_policy 2018-07-20 12:33:37 -07:00
ifb.c
loopback.c
macsec.c
macvlan.c macvlan: Change status when lower device goes down 2018-07-11 23:07:22 -07:00
macvtap.c
mdio.c
mii.c
net_failover.c failover: change mtu has RTNL 2018-07-29 12:57:26 -07:00
netconsole.c
nlmon.c
ntb_netdev.c
rionet.c
sb1000.c
sungem_phy.c
tap.c
thunderbolt.c
tun.c tun: remove ndo_poll_controller 2018-09-23 21:55:25 -07:00
veth.c veth: Orphan skb before GRO 2018-09-16 15:33:50 -07:00
virtio_net.c virtio_net: remove duplicated include from virtio_net.c 2018-08-13 09:21:05 -07:00
vrf.c
vsockmon.c
vxlan.c vxlan: fix default fdb entry netlink notify ordering during netdev create 2018-07-22 10:52:37 -07:00
xen-netfront.c xen/netfront: don't bug in case of too many frags 2018-09-13 08:22:15 -07:00