David Miller <[EMAIL PROTECTED]> writes:
>> > while going through going netlink code I found out that netlink_bind()
>> > does not properly check bind parameters. I checked both 2.6.23-rc1 as
>> > well as 2.6.16.53, both are affected.
> Firstly, you patch compares the address _pointer_ against
>
From: Holger Eitzenberger <[EMAIL PROTECTED]>
Date: Tue, 18 Sep 2007 23:05:52 +0200
> Holger Eitzenberger <[EMAIL PROTECTED]> writes:
>
> > while going through going netlink code I found out that netlink_bind()
> > does not properly check bind parameters. I checked both 2.6.23-rc1 as
> > well as
The previous patchlet wasn't correct, please apply this one.
Sorry for the noise.
/holger
[NETLINK] Check for correct bind parameters
Before this change it was possible to pass less than sockaddr_nl
bytes, which might lead to arbitrary data being accessed in
netlink_bind().
Take two.
Signed
Holger Eitzenberger <[EMAIL PROTECTED]> writes:
> while going through going netlink code I found out that netlink_bind()
> does not properly check bind parameters. I checked both 2.6.23-rc1 as
> well as 2.6.16.53, both are affected.
>
> With a small test prog I wasn't able to crash my maschine th
Hi,
while going through going netlink code I found out that netlink_bind()
does not properly check bind parameters. I checked both 2.6.23-rc1 as
well as 2.6.16.53, both are affected.
With a small test prog I wasn't able to crash my maschine though, but
data was accessed out of bounds.
Please ap
