From: Xin Long <lucien.xin@xxxxxxxxx>
Date: Mon, 15 Jan 2018 17:02:00 +0800
> The check in sctp_sockaddr_af is not robust enough to forbid binding a
> v4mapped v6 addr on a v4 socket.
>
> The worse thing is that v4 socket's bind_verify would not convert this
> v4mapped v6 addr to a v4 addr. syzbot even reported a crash as the v4
> socket bound a v6 addr.
>
> This patch is to fix it by doing the common sa.sa_family check first,
> then AF_INET check for v4mapped v6 addrs.
>
> Fixes: 7dab83de50c7 ("sctp: Support ipv6only AF_INET6 sockets.")
> Reported-by: syzbot+7b7b518b1228d2743963@xxxxxxxxxxxxxxxxxxxxxxxxx
> Acked-by: Neil Horman <nhorman@xxxxxxxxxxxxx>
> Signed-off-by: Xin Long <lucien.xin@xxxxxxxxx>
Applied and queued up for -stable.
--
To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
