| commit | 0721a681c617fdd498f2f0f40e69895354baf099 | |
| author | Al Viro <aviro@redhat.com> | |
| Wed, 31 Aug 2005 09:55:12 +0000 (31 10:55 +0100) | ||
| committer | Chris Wright <chrisw@osdl.org> | |
| Sat, 10 Sep 2005 02:42:53 +0000 (9 19:42 -0700) | ||
| tree | 1c27cf638a23c3d68817e7bf441229ec9c3a6af9 | treesnapshot (tar.gz zip) |
| parent | c255cda2af84db91d19944c092baf5a61c633181 | commitdiff |
[PATCH] raw_sendmsg DoS (CAN-2005-2492)
Fix unchecked __get_user that could be tricked into generating a
memory read on an arbitrary address. The result of the read is not
returned directly but you may be able to divine some information about
it, or use the read to cause a crash on some architectures by reading
hardware state. CAN-2005-2492.
Fix from Al Viro, ack from Dave Miller.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Fix unchecked __get_user that could be tricked into generating a
memory read on an arbitrary address. The result of the read is not
returned directly but you may be able to divine some information about
it, or use the read to cause a crash on some architectures by reading
hardware state. CAN-2005-2492.
Fix from Al Viro, ack from Dave Miller.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| net/ipv4/raw.c | diffblobblamehistory | |
| net/ipv6/raw.c | diffblobblamehistory |