Patch "ipv6: fix leaking uninitialized port number of offender sockaddr" has been added to the 3.10-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    ipv6: fix leaking uninitialized port number of offender sockaddr

to the 3.10-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ipv6-fix-leaking-uninitialized-port-number-of-offender-sockaddr.patch
and it can be found in the queue-3.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From cda165fc4b264da12719ffb07d124d011e01d1da Mon Sep 17 00:00:00 2001
From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 23 Nov 2013 07:22:33 +0100
Subject: ipv6: fix leaking uninitialized port number of offender sockaddr

From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>

[ Upstream commit 1fa4c710b6fe7b0aac9907240291b6fe6aafc3b8 ]

Offenders don't have port numbers, so set it to 0.

Signed-off-by: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/ipv6/datagram.c |    1 +
 1 file changed, 1 insertion(+)

--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -378,6 +378,7 @@ int ipv6_recv_error(struct sock *sk, str
 	if (serr->ee.ee_origin != SO_EE_ORIGIN_LOCAL) {
 		sin->sin6_family = AF_INET6;
 		sin->sin6_flowinfo = 0;
+		sin->sin6_port = 0;
 		if (skb->protocol == htons(ETH_P_IPV6)) {
 			sin->sin6_addr = ipv6_hdr(skb)->saddr;
 			if (np->rxopt.all)


Patches currently in stable-queue which might be from hannes@xxxxxxxxxxxxxxxxxxx are

queue-3.10/ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch
queue-3.10/inet-prevent-leakage-of-uninitialized-memory-to-user-in-recv-syscalls.patch
queue-3.10/net-rework-recvmsg-handler-msg_name-and-msg_namelen-logic.patch
queue-3.10/ipv6-use-rt6_get_dflt_router-to-get-default-router-in-rt6_route_rcv.patch
queue-3.10/ipv6-fix-possible-seqlock-deadlock-in-ip6_finish_output2.patch
queue-3.10/net-add-bug_on-if-kernel-advertises-msg_namelen-sizeof-struct-sockaddr_storage.patch
queue-3.10/random32-fix-off-by-one-in-seeding-requirement.patch
queue-3.10/inet-fix-possible-seqlock-deadlocks.patch
queue-3.10/inet-fix-addr_len-msg-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch
queue-3.10/ipv6-fix-leaking-uninitialized-port-number-of-offender-sockaddr.patch
queue-3.10/ipv6-protect-for_each_sk_fl_rcu-in-mem_check-with-rcu_read_lock_bh.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]