Applied: [PATCH 0/1] [HARDY] [LUCID] [NATTY] [ONEIRIC] [PRECISE] [CVE-2012-2136] net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()
Brad Figg
brad.figg at canonical.com
Wed Jul 11 21:15:17 UTC 2012
On 07/11/2012 12:42 PM, Brad Figg wrote:
> CVE-2012-2136
>
> BugLink: http://bugs.launchpad.net/bugs/1006622
>
> We need to validate the number of pages consumed by data_len, otherwise frags
> array could be overflowed by userspace. So this patch validate data_len and
> return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS.
>
> Jason Wang (1):
> net: sock: validate data_len before allocating skb in
> sock_alloc_send_pskb()
>
> net/core/sock.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
--
Brad Figg brad.figg at canonical.com http://www.canonical.com
More information about the kernel-team
mailing list