linux/net
Marcel Holtmann 0878b6667f [Bluetooth] Fix L2CAP and HCI setsockopt() information leaks
The L2CAP and HCI setsockopt() implementations have a small information
leak that makes it possible to leak kernel stack memory to userspace.

If the optlen parameter is 0, no data will be copied by copy_from_user(),
but the uninitialized stack buffer will be read and stored later. A call
to getsockopt() can now retrieve the leaked information.

To fix this problem the stack buffer given to copy_from_user() must be
initialized with the current settings.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2007-05-05 00:35:59 +02:00
..
802 [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
8021q [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
appletalk [NET]: Revert sk_buff walker cleanups. 2007-04-27 15:21:23 -07:00
atm [NET]: SPIN_LOCK_UNLOCKED cleanup in drivers/atm, net 2007-04-26 01:37:44 -07:00
ax25 [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
bluetooth [Bluetooth] Fix L2CAP and HCI setsockopt() information leaks 2007-05-05 00:35:59 +02:00
bridge [BRIDGE]: Missing rtnl. 2007-04-25 22:30:04 -07:00
core [NET]: Remove NETIF_F_INTERNAL_STATS, default to internal stats. 2007-04-28 21:04:03 -07:00
dccp [NET]: SPIN_LOCK_UNLOCKED cleanup in drivers/atm, net 2007-04-26 01:37:44 -07:00
decnet [RTNETLINK]: Remove unnecessary locking in dump callbacks 2007-04-25 22:29:05 -07:00
econet [SK_BUFF]: Convert skb->tail to sk_buff_data_t 2007-04-25 22:26:28 -07:00
ethernet [SK_BUFF]: Introduce skb_reset_mac_header(skb) 2007-04-25 22:24:32 -07:00
ieee80211 [PATCH] ieee80211: add missing global needed by IEEE80211_DEBUG_XXXX 2007-04-28 11:01:05 -04:00
ipv4 [UDP]: Do not allow specific bind when wildcard bind exists. 2007-04-30 14:51:58 -07:00
ipv6 [IPV6]: Fix slab corruption running ip6sic 2007-04-28 21:26:23 -07:00
ipx [SK_BUFF]: Introduce skb_reset_transport_header(skb) 2007-04-25 22:25:15 -07:00
irda [IRDA] irda_device_dongle_init: fix kzalloc(GFP_KERNEL) in spinlock 2007-04-26 01:36:49 -07:00
iucv [AF_IUCV/IUCV]: smp_call_function deadlock 2007-04-28 23:03:59 -07:00
key [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc [SK_BUFF]: unions of just one member don't get anything done, kill them 2007-04-25 22:26:20 -07:00
netfilter [NETLINK]: Possible cleanups. 2007-04-26 00:57:41 -07:00
netlabel SELinux: extract the NetLabel SELinux support from the security server 2007-04-26 01:35:48 -04:00
netlink [NETLINK]: Possible cleanups. 2007-04-26 00:57:41 -07:00
netrom [AX25/NETROM/ROSE]: Convert to use modern wait queue API 2007-04-25 22:29:15 -07:00
packet [AF_PACKET]: Add option to return orig_dev to userspace. 2007-04-25 22:29:14 -07:00
rose [AX25/NETROM/ROSE]: Convert to use modern wait queue API 2007-04-25 22:29:15 -07:00
rxrpc [AF_RXRPC/AFS]: Arch-specific fixes. 2007-04-27 15:28:45 -07:00
sched [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
sctp [SCTP]: Fix sctp_getsockopt_local_addrs_old() to use local storage. 2007-04-28 21:09:04 -07:00
sunrpc [SUNRPC]: cleanup: use seq_release_private() where appropriate 2007-04-26 01:03:43 -07:00
tipc [TIPC]: Enhancements to msg_set_bits() routine 2007-04-25 22:29:49 -07:00
unix [SK_BUFF]: Introduce skb_reset_transport_header(skb) 2007-04-25 22:25:15 -07:00
wanrouter [SK_BUFF]: Introduce skb_copy_to_linear_data{_offset} 2007-04-25 22:28:29 -07:00
wireless [WIRELESS] cfg80211: Clarify locking comment. 2007-04-26 20:51:12 -07:00
x25 [SK_BUFF]: Some more conversions to skb_copy_from_linear_data 2007-04-25 22:28:30 -07:00
xfrm [XFRM]: Restrict upper layer information by bundle. 2007-04-30 00:58:09 -07:00
compat.c [NET]: Adding SO_TIMESTAMPNS / SCM_TIMESTAMPNS support 2007-04-25 22:24:21 -07:00
Kconfig [AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both 2007-04-26 15:48:28 -07:00
Makefile [AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both 2007-04-26 15:48:28 -07:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c [SOCKET]: Export __sock_recv_timestamp 2007-04-25 22:24:22 -07:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
TUNABLE