[FEISTY] CVE-2007-2172: [PATCH] [IPv4] fib: Fix out of bound access of fib_props[]

Ben Collins ben.collins at ubuntu.com
Thu May 3 14:59:46 UTC 2007

On Wed, 2007-05-02 at 00:53 +0100, Phillip lougher wrote:
> >From a22afd3c0dd2f1f4f5762ce7d38acc67240384da Mon Sep 17 00:00:00 2001
> From: Phillip Lougher <phillip at ubuntu.com>
> Date: Wed, 2 May 2007 00:05:28 +0100
> Subject: [PATCH] [IPv4] fib: Fix out of bound access of fib_props[] (CVE-2007-2172)
> Fixes a typo which caused fib_props[] to have the wrong size
> and makes sure the value used to index the array which is
> provided by userspace via netlink is checked to avoid out of
> bound access.
> Signed-off-by: Thomas Graf <tgraf at suug.ch>
> Signed-off-by: David S. Miller <davem at davemloft.net>


Ubuntu:    http://www.ubuntu.com/
Linux1394: http://www.linux1394.org/

More information about the kernel-team mailing list