subject:"\[PATCH net\] udp\: prevent bugcheck if filter truncates packet too much"

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-11 Thread David Miller

From: Michal Kubecek Date: Fri, 8 Jul 2016 17:52:33 +0200 (CEST) > If socket filter truncates an udp packet below the length of UDP header > in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it will trigger a > BUG_ON in skb_pull_rcsum(). This BUG_ON (and therefore a system

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-09 Thread Willem de Bruijn

On Sat, Jul 9, 2016 at 6:43 AM, Michal Kubecek wrote: > On Sat, Jul 09, 2016 at 11:48:49AM +0200, Daniel Borkmann wrote: >> On 07/09/2016 02:20 AM, Alexei Starovoitov wrote: >> >On Sat, Jul 09, 2016 at 01:31:40AM +0200, Eric Dumazet wrote: >> >>On Fri, 2016-07-08 at 17:52 +0200,

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-09 Thread Michal Kubecek

On Sat, Jul 09, 2016 at 11:48:49AM +0200, Daniel Borkmann wrote: > On 07/09/2016 02:20 AM, Alexei Starovoitov wrote: > >On Sat, Jul 09, 2016 at 01:31:40AM +0200, Eric Dumazet wrote: > >>On Fri, 2016-07-08 at 17:52 +0200, Michal Kubecek wrote: > >>>If socket filter truncates an udp packet below the

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-09 Thread Daniel Borkmann

On 07/09/2016 02:20 AM, Alexei Starovoitov wrote: On Sat, Jul 09, 2016 at 01:31:40AM +0200, Eric Dumazet wrote: On Fri, 2016-07-08 at 17:52 +0200, Michal Kubecek wrote: If socket filter truncates an udp packet below the length of UDP header in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-08 Thread Alexei Starovoitov

On Sat, Jul 09, 2016 at 01:31:40AM +0200, Eric Dumazet wrote: > On Fri, 2016-07-08 at 17:52 +0200, Michal Kubecek wrote: > > If socket filter truncates an udp packet below the length of UDP header > > in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it will trigger a > > BUG_ON in

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-08 Thread Eric Dumazet

On Fri, 2016-07-08 at 17:52 +0200, Michal Kubecek wrote: > If socket filter truncates an udp packet below the length of UDP header > in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it will trigger a > BUG_ON in skb_pull_rcsum(). This BUG_ON (and therefore a system crash if > kernel is configured

[PATCH net] udp: prevent bugcheck if filter truncates packet too much

2016-07-08 Thread Michal Kubecek

If socket filter truncates an udp packet below the length of UDP header in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it will trigger a BUG_ON in skb_pull_rcsum(). This BUG_ON (and therefore a system crash if kernel is configured that way) can be easily enforced by an unprivileged user which

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

Re: [PATCH net] udp: prevent bugcheck if filter truncates packet too much

[PATCH net] udp: prevent bugcheck if filter truncates packet too much

7 matches

Site Navigation

Mail list logo

Footer information