]> git.karo-electronics.de Git - karo-tx-linux.git/commit
projects / karo-tx-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e2ebf28) | patch
econet: fix CVE-2010-3848
authorPhil Blundell <philb@gnu.org>
Wed, 24 Nov 2010 19:51:47 +0000 (11:51 -0800)
committerGreg Kroah-Hartman <gregkh@suse.de>
Mon, 21 Mar 2011 19:44:18 +0000 (12:44 -0700)
commit3f33eee5d6d77e4185d8e9a7a082da1a7c200064
tree4c94ba86fb80a8c5d0701e8ec04705a5be5ea6a8tree | snapshot
parente2ebf28f8733a1cc3539a02e6c07e08e9eff9962commit | diff
econet: fix CVE-2010-3848

commit a27e13d370415add3487949c60810e36069a23a6 upstream.

Don't declare variable sized array of iovecs on the stack since this
could cause stack overflow if msg->msgiovlen is large.  Instead, coalesce
the user-supplied data into a new buffer and use a single iovec for it.

Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
net/econet/af_econet.c diff | blob | history
Linux kernel for KaRo TX COM modules