[FEISTY] CVE-2007-2172: [PATCH] [IPv4] fib: Fix out of bound access of fib_props[]
Ben Collins
ben.collins at ubuntu.com
Thu May 3 14:59:46 UTC 2007
On Wed, 2007-05-02 at 00:53 +0100, Phillip lougher wrote:
> >From a22afd3c0dd2f1f4f5762ce7d38acc67240384da Mon Sep 17 00:00:00 2001
> From: Phillip Lougher <phillip at ubuntu.com>
> Date: Wed, 2 May 2007 00:05:28 +0100
> Subject: [PATCH] [IPv4] fib: Fix out of bound access of fib_props[] (CVE-2007-2172)
>
> Fixes a typo which caused fib_props[] to have the wrong size
> and makes sure the value used to index the array which is
> provided by userspace via netlink is checked to avoid out of
> bound access.
>
> Signed-off-by: Thomas Graf <tgraf at suug.ch>
> Signed-off-by: David S. Miller <davem at davemloft.net>
ACK
--
Ubuntu: http://www.ubuntu.com/
Linux1394: http://www.linux1394.org/
More information about the kernel-team
mailing list