linux/net
Stefan Nuernberger 076ed3da0c net/ipv4: defensive cipso option parsing
commit 40413955ee ("Cipso: cipso_v4_optptr enter infinite loop") fixed
a possible infinite loop in the IP option parsing of CIPSO. The fix
assumes that ip_options_compile filtered out all zero length options and
that no other one-byte options beside IPOPT_END and IPOPT_NOOP exist.
While this assumption currently holds true, add explicit checks for zero
length and invalid length options to be safe for the future. Even though
ip_options_compile should have validated the options, the introduction of
new one-byte options can still confuse this code without the additional
checks.

Signed-off-by: Stefan Nuernberger <snu@amazon.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Simon Veith <sveith@amazon.de>
Cc: stable@vger.kernel.org
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-09-17 19:37:46 -07:00
..
6lowpan
9p Pull request for inclusion in 4.19, take two 2018-08-17 17:27:58 -07:00
802
8021q net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
appletalk
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
ax25 ax25: remove blank line at EOF 2018-07-24 14:10:42 -07:00
batman-adv
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
bpf bpf/test_run: support cgroup local storage 2018-08-03 00:47:32 +02:00
bpfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
bridge net: bridge: add support for sticky fdb entries 2018-09-12 20:30:03 -07:00
caif net: caif: remove redundant null check on frontpkt 2018-09-17 18:49:57 -07:00
can
ceph crush: fix using plain integer as NULL warning 2018-08-13 17:55:44 +02:00
core pktgen: Fix fall-through annotation 2018-09-13 15:36:41 -07:00
dcb net: dcb: Add priority-to-DSCP map getters 2018-07-27 13:17:50 -07:00
dccp Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-09 11:52:36 -07:00
decnet decnet: fix using plain integer as NULL warning 2018-08-09 14:11:24 -07:00
dns_resolver net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
dsa net: dsa: remove redundant null pointer check before put_device 2018-09-17 08:20:11 -07:00
ethernet
hsr
ieee802154 net: Add and use skb_mark_not_on_list(). 2018-09-10 10:06:54 -07:00
ife
ipv4 net/ipv4: defensive cipso option parsing 2018-09-17 19:37:46 -07:00
ipv6 ip6_gre: simplify gre header parsing in ip6gre_err 2018-09-16 15:32:59 -07:00
iucv net/iucv: declare iucv_path_table_empty() as static 2018-09-05 22:32:22 -07:00
kcm net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
key Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2018-07-27 09:33:37 -07:00
l2tp l2tp: fix unused function warning 2018-08-13 20:45:49 -07:00
l3mdev
lapb
llc llc: avoid blocking in llc_sap_close() 2018-09-13 09:04:58 -07:00
mac80211 mac80211: Don't access sk_queue_head->next directly. 2018-09-10 10:06:53 -07:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-08-06 11:21:37 +02:00
mpls mpls: remove trailing whitepace 2018-07-24 14:10:42 -07:00
ncsi net/ncsi: remove duplicated include from ncsi-netlink.c 2018-08-29 19:10:40 -07:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-09-12 22:22:42 -07:00
netlabel
netlink netlink: remove hash::nelems check in netlink_insert 2018-09-12 00:08:44 -07:00
netrom
nfc net: simplify sock_poll_wait 2018-07-30 09:10:25 -07:00
nsh
openvswitch openvswitch: Derive IP protocol number for IPv6 later frags 2018-09-06 21:47:49 -07:00
packet packet: add sockopt to ignore outgoing packets 2018-09-05 22:09:37 -07:00
phonet
psample
qrtr
rds net: rds: use memset to optimize the recv 2018-09-17 08:19:51 -07:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-09-04 21:33:03 -07:00
rose
rxrpc net: Add and use skb_mark_not_on_list(). 2018-09-10 10:06:54 -07:00
sched net/sched: act_police: don't use spinlock in the data path 2018-09-16 15:30:22 -07:00
sctp sctp: Use skb_queue_is_first(). 2018-09-10 10:06:53 -07:00
smc RDMA/smc: Replace ib_query_gid with rdma_get_gid_attr 2018-08-17 16:45:51 -06:00
strparser strparser: remove redundant variable 'rd_desc' 2018-08-01 10:00:06 -07:00
sunrpc NFS client updates for Linux 4.19 2018-08-23 16:03:58 -07:00
switchdev
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-09-12 22:22:42 -07:00
tls tls: async support causes out-of-bounds access in crypto APIs 2018-09-17 08:01:36 -07:00
unix af_unix: ensure POLLOUT on remote close() for connected dgram socket 2018-08-03 16:44:19 -07:00
vmw_vsock vsock: split dwork to avoid reinitializations 2018-08-07 12:39:13 -07:00
wimax wimax: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
wireless cfg80211: validate wmm rule when setting 2018-09-05 10:16:59 +02:00
x25 x25: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
xdp xsk: i40e: get rid of useless struct xdp_umem_props 2018-09-01 01:38:16 +02:00
xfrm net: Add and use skb_mark_not_on_list(). 2018-09-10 10:06:54 -07:00
compat.c net: avoid unnecessary sock_flag() check when enable timestamp 2018-08-06 10:42:48 -07:00
Kconfig net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
Makefile
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
sysctl_net.c