]> git.karo-electronics.de Git - karo-tx-linux.git/commit
projects / karo-tx-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 59ff9f9) | patch
netfilter: x_tables: make sure e->next_offset covers remaining blob size
authorFlorian Westphal <fw@strlen.de>
Tue, 22 Mar 2016 17:02:50 +0000 (18:02 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 24 Jun 2016 17:18:22 +0000 (10:18 -0700)
commit868fe2536f8741ebf807ed717734e6c321c478e9
tree490b79094eb4d2c93fd7bdbc292958a190978708tree | snapshot
parent59ff9f9b38b39afeb167fdc16c52976587b2c45acommit | diff
netfilter: x_tables: make sure e->next_offset covers remaining blob size

commit 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 upstream.

Otherwise this function may read data beyond the ruleset blob.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/ipv4/netfilter/arp_tables.c diff | blob | history
net/ipv4/netfilter/ip_tables.c diff | blob | history
net/ipv6/netfilter/ip6_tables.c diff | blob | history
Linux kernel for KaRo TX COM modules