This is a note to let you know that I've just added the patch titled

    netfilter: x_tables: assert minimum target size

to the 4.6-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    netfilter-x_tables-assert-minimum-target-size.patch
and it can be found in the queue-4.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

>From a08e4e190b866579896c09af59b3bdca821da2cd Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@xxxxxxxxx>
Date: Fri, 1 Apr 2016 14:17:25 +0200
Subject: netfilter: x_tables: assert minimum target size

From: Florian Westphal <fw@xxxxxxxxx>

commit a08e4e190b866579896c09af59b3bdca821da2cd upstream.

The target size includes the size of the xt_entry_target struct.

Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/netfilter/x_tables.c | 3 +++
 1 file changed, 3 insertions(+)

--- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c 
@@ -568,6 +568,9 @@ int xt_check_entry_offsets(const void *b return -EINVAL; t = (void *)(e + target_offset); + if (t->u.target_size < sizeof(*t)) + return -EINVAL; + if (target_offset + t->u.target_size > next_offset) return -EINVAL; Patches currently in stable-queue which might be from fw@xxxxxxxxx are queue-4.6/netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch queue-4.6/netfilter-x_tables-assert-minimum-target-size.patch queue-4.6/netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch queue-4.6/netfilter-x_tables-check-for-bogus-target-offset.patch queue-4.6/netfilter-x_tables-validate-targets-of-jumps.patch queue-4.6/netfilter-x_tables-don-t-move-to-non-existent-next-rule.patch queue-4.6/netfilter-x_tables-kill-check_entry-helper.patch queue-4.6/netfilter-x_tables-check-standard-target-size-too.patch queue-4.6/netfilter-x_tables-validate-all-offsets-and-sizes-in-a-rule.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
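
Review bot: The added test `t->u.target_size < sizeof(*t)` in xt_check_entry_offsets() reads a field of `t` immediately after `t = (void *)(e + target_offset);`, so it is only safe if the check ending in the `return -EINVAL;` just above has already established that a complete xt_entry_target header fits between `target_offset` and `next_offset`. That condition is cut off in the hunk context, so please confirm it is present in the 4.6 backport, which depends on netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch from the same queue being applied first. The ordering of the two size checks looks right: rejecting an undersized `target_size` before `target_offset + t->u.target_size > next_offset` keeps the upper-bound test from passing on a target that claims to be smaller than its own header. The commit message says only that the target size includes the struct; a sentence stating what an undersized `target_size` would otherwise allow, and a short comment above the new `if`, would make the intent clear to stable reviewers.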