2017-04-25, 19:08:18 +0200, Jason A. Donenfeld wrote: > We call skb_cow_data, which is good anyway to ensure we can actually > modify the skb as such (another error from prior). Now that we have the > number of fragments required, we can safely allocate exactly that amount > of memory. > > Signed-off-by: Jason A. Donenfeld <[email protected]> > Cc: Sabrina Dubroca <[email protected]> > Cc: [email protected] > Cc: [email protected]
Acked-by: Sabrina Dubroca <[email protected]> Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver") Fixes: CVE-2017-7477 David, this fix is essentially equivalent to my patch "macsec: avoid heap overflow in skb_to_sgvec on receive". Feel free to pick my patch if you prefer (it's smaller), but this looks ok to me. Thanks, -- Sabrina
