Re: [PATCH nf] netfilter/xt_u32: validate user space input

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Mon, Aug 28, 2023 at 10:21:07AM -0300, Wander Lairson Costa wrote:
> The xt_u32 module doesn't validate the fields in the xt_u32 structure.
> An attacker may take advantage of this to trigger an OOB read by setting
> the size fields with a value beyond the arrays boundaries.
> Add a checkentry function to validate the structure.
> This was originally reported by the ZDI project (ZDI-CAN-18408).

Applied to nf, thanks

[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux