linux/net
Mathias Krause 4c87308bde xfrm_user: fix info leak in copy_to_user_auth()
copy_to_user_auth() fails to initialize the remainder of alg_name and
therefore discloses up to 54 bytes of heap memory via netlink to
userland.

Use strncpy() instead of strcpy() to fill the trailing bytes of alg_name
with null bytes.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00
..
9p net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
802
8021q vlan: clean up vlan_dev_hard_start_xmit() 2012-08-14 14:33:32 -07:00
appletalk net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
atm atm: fix info leak via getsockname() 2012-08-15 21:36:30 -07:00
ax25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-07-19 11:17:30 -07:00
batman-adv batman-adv: make batadv_test_bit() return 0 or 1 only 2012-09-19 15:49:53 -04:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem 2012-09-07 14:38:50 -04:00
bridge netfilter: log: Fix log-level processing 2012-09-12 17:17:35 +02:00
caif caif: move the dereference below the NULL test 2012-09-10 16:13:31 -04:00
can can: gw: Remove pointless casts 2012-07-10 22:36:17 +02:00
ceph libceph: avoid truncation due to racing banners 2012-08-21 15:55:27 -07:00
core net/core: fix comment in skb_try_coalesce 2012-09-19 17:29:13 -04:00
dcb net: Fix non-kernel-doc comments with kernel-doc start marker 2012-07-10 23:13:45 -07:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-08-15 21:36:31 -07:00
decnet ipv4: Restore old dst_free() behavior. 2012-07-31 14:41:38 -07:00
dns_resolver Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2012-05-21 20:27:36 -07:00
dsa
ethernet ipx: move peII functions 2012-07-19 10:48:00 -07:00
ieee802154 6lowpan: Change byte order when storing/accessing to len field 2012-07-16 22:52:02 -07:00
ipv4 tcp: restore rcv_wscale in a repair mode (v2) 2012-09-20 17:49:58 -04:00
ipv6 ipv6: use DST_* macro to set obselete field 2012-09-18 15:57:04 -04:00
ipx ipx: move peII functions 2012-07-19 10:48:00 -07:00
irda irda: Fix typo in irda 2012-07-16 23:23:52 -07:00
iucv net: remove skb_orphan_try() 2012-06-15 15:30:15 -07:00
key
l2tp l2tp: fix a typo in l2tp_eth_dev_recv() 2012-09-04 15:54:55 -04:00
lapb lapb: Neaten debugging 2012-05-17 18:45:20 -04:00
llc llc: fix info leak via getsockname() 2012-08-15 21:36:31 -07:00
mac80211 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 2012-09-05 14:48:15 -04:00
mac802154 mac802154: sparse warnings: make symbols static 2012-07-12 07:54:45 -07:00
netfilter netfilter: log: Fix log-level processing 2012-09-12 17:17:35 +02:00
netlabel
netlink netlink: fix possible spoofing from non-root processes 2012-08-24 13:36:09 -04:00
netrom netrom: copy_datagram_iovec can fail 2012-09-04 12:57:35 -04:00
nfc Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-07-20 12:30:48 -04:00
openvswitch openvswitch: Fix FLOW_BUFSIZE definition. 2012-09-03 19:06:27 -07:00
packet af_packet: match_fanout_group() can be static 2012-08-23 09:27:12 -07:00
phonet net: remove my future former mail address 2012-06-17 16:29:38 -07:00
rds rds: set correct msg_namelen 2012-07-23 01:01:44 -07:00
rfkill rfkill: Add the capability to switch all devices of all type in __rfkill_switch_all(). 2012-06-06 15:18:17 -04:00
rose
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-07-10 23:56:33 -07:00
sched pkt_sched: fix virtual-start-time update in QFQ 2012-09-19 16:23:53 -04:00
sctp sctp: Don't charge for data in sndbuf again when transmitting packet 2012-09-03 13:24:13 -04:00
sunrpc NFS client bugfixes for Linux 3.6 2012-09-13 09:04:13 +08:00
tipc tipc: remove print_buf and deprecated log buffer code 2012-07-13 19:34:43 -04:00
unix af_netlink: force credentials passing [CVE-2012-3520] 2012-08-21 14:53:01 -07:00
wanrouter wanmain: comparing array with NULL 2012-07-24 13:55:21 -07:00
wimax
wireless Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 2012-09-05 14:48:15 -04:00
x25 net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
xfrm xfrm_user: fix info leak in copy_to_user_auth() 2012-09-20 18:08:39 -04:00
compat.c net: Fix references to out-of-scope variables in put_cmsg_compat() 2012-07-22 17:50:49 -07:00
Kconfig net: drop NET dependency from HAVE_BPF_JIT 2012-05-21 12:50:12 -07:00
Makefile econet: remove ancient bug ridden protocol 2012-05-18 01:35:08 -04:00
nonet.c
socket.c Fix order of arguments to compat_put_time[spec|val] 2012-09-05 18:34:13 -07:00
sysctl_net.c