From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> Date: Tue, 25 Oct 2016 14:27:39 -0200 > Andrey Konovalov reported that KASAN detected that SCTP was using a slab > beyond the boundaries. It was caused because when handling out of the > blue packets in function sctp_sf_ootb() it was checking the chunk len > only after already processing the first chunk, validating only for the > 2nd and subsequent ones. > > The fix is to just move the check upwards so it's also validated for the > 1st chunk. > > Reported-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx> > Tested-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx> > Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> > --- > > Hi. Please consider this to -stable too. Thanks Applied and queued up for -stable, thanks! -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
