iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Florian Westphal 0aa8c13eb5 ipv6: drop non loopback packets claiming to originate from ::1 
We lack a saddr check for ::1. This causes security issues e.g. with acls
permitting connections from ::1 because of assumption that these originate
from local machine.

Assuming a source address of ::1 is local seems reasonable.
RFC4291 doesn't allow such a source address either, so drop such packets.

Reported-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-04-17 15:09:23 -04:00
..
6lowpan
6lowpan: use rb_entry()
2017-01-22 16:46:13 -05:00
9p
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-03-03 21:44:35 -08:00
802
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
8021q
net: remove ndo_neigh_{construct, destroy} from stacked devices
2017-02-06 11:25:57 -05:00
appletalk
lib/vsprintf.c: remove %Z support
2017-02-27 18:43:47 -08:00
atm
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
ax25
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
batman-adv
Here are two batman-adv bugfixes:
2017-03-16 12:05:38 -07:00
bluetooth
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
bridge
bridge: netlink: register netdevice before executing changelink
2017-04-11 22:22:44 -04:00
caif
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h>
2017-03-02 08:42:29 +01:00
can
can: bcm: fix hrtimer/tasklet termination in bcm op removal
2017-01-30 11:05:04 +01:00
ceph
libceph: force GFP_NOIO for socket allocations
2017-03-23 12:03:36 +01:00
core
net-timestamp: avoid use-after-free in ip_recv_error
2017-04-17 12:59:22 -04:00
dcb
net: dcb: set error code on failures
2016-12-03 23:54:25 -05:00
dccp
dccp: fix memory leak during tear-down of unsuccessful connection request
2017-03-13 22:00:42 -07:00
decnet
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
dns_resolver
Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2017-03-03 10:16:38 -08:00
dsa
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2017-02-11 02:31:11 -05:00
ethernet
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
2017-02-16 21:25:49 -05:00
hsr
net/hsr: use eth_hw_addr_random()
2017-02-21 13:25:22 -05:00
ieee802154
lib/vsprintf.c: remove %Z support
2017-02-27 18:43:47 -08:00
ife
net: Introduce ife encapsulation module
2017-02-03 15:16:45 -05:00
ipv4
net-timestamp: avoid use-after-free in ip_recv_error
2017-04-17 12:59:22 -04:00
ipv6
ipv6: drop non loopback packets claiming to originate from ::1
2017-04-17 15:09:23 -04:00
ipx
ktime: Get rid of the union
2016-12-25 17:21:22 +01:00
irda
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
iucv
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
kcm
kcm: return immediately after copy_from_user() failure
2017-03-24 13:13:53 -07:00
key
netns: make struct pernet_operations::id unsigned int
2016-11-18 10:59:15 -05:00
l2tp
l2tp: don't mask errors in pppol2tp_getsockopt()
2017-04-08 08:29:04 -07:00
l3mdev
net: ipv6: Remove l3mdev_get_saddr6
2016-09-10 23:12:53 -07:00
lapb
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
llc
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
mac80211
mac80211: unconditionally start new netdev queues with iTXQ support
2017-03-29 14:20:40 +02:00
mac802154
sched/headers: Prepare to use <linux/rcuupdate.h> instead of <linux/rculist.h> in <linux/sched.h>
2017-03-02 08:42:38 +01:00
mpls
net: mpls: Fix nexthop alive tracking on down events
2017-03-16 20:22:18 -07:00
ncsi
net/ncsi: Improve HNCDSC AEN handler
2016-10-20 11:23:08 -04:00
netfilter
netfilter: nft_hash: do not dump the auto generated seed
2017-04-13 23:20:13 +02:00
netlabel
netlabel: add CALIPSO to the list of built-in protocols
2017-01-06 22:20:45 -05:00
netlink
genetlink: fix counting regression on ctrl_dumpfamily()
2017-03-22 15:38:43 -07:00
netrom
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
nfc
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
openvswitch
openvswitch: Fix ovs_flow_key_update()
2017-04-01 12:16:46 -07:00
packet
net/packet: fix overflow in check for tp_reserve
2017-03-30 11:04:00 -07:00
phonet
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
psample
net: Introduce psample, a new genetlink channel for packet sampling
2017-01-24 13:44:28 -05:00
qrtr
net: qrtr: Mark 'buf' as little endian
2017-01-10 20:45:04 -05:00
rds
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
rfkill
rfkill: remove rfkill-regulator
2017-01-24 11:07:35 +01:00
rose
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
rxrpc
rxrpc: Ignore BUSY packets on old calls
2017-03-16 21:27:57 -07:00
sched
net_sched: check noop_qdisc before qdisc_hash_add()
2017-04-06 12:28:39 -07:00
sctp
sctp: listen on the sock only when it's state is listening or closed
2017-04-06 13:55:51 -07:00
smc
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
strparser
strparser: destroy workqueue on module exit
2017-03-03 20:43:26 -08:00
sunrpc
The restriction of NFSv4 to TCP went overboard and also broke the
2017-04-01 10:43:37 -07:00
switchdev
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-10-30 12:42:58 -04:00
tipc
tipc: fix nametbl deadlock at tipc_nametbl_unsubscribe
2017-03-22 11:59:16 -07:00
unix
net: unix: properly re-increment inflight counter of GC discarded candidates
2017-03-21 15:25:10 -07:00
vmw_vsock
vsock: cancel packets when failing to connect
2017-03-21 14:41:47 -07:00
wimax
genetlink: mark families as __ro_after_init
2016-10-27 16:16:09 -04:00
wireless
cfg80211: check rdev resume callback only for registered wiphy
2017-03-29 09:11:29 +02:00
x25
net: Work around lockdep limitation in sockets that use sockets
2017-03-09 18:23:27 -08:00
xfrm
Merge branch 'apw' (xfrm_user fixes)
2017-03-29 13:26:22 -07:00
compat.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2017-02-22 10:15:09 -08:00
Kconfig
bpf: make jited programs visible in traces
2017-02-17 13:40:05 -05:00
Makefile
net: Introduce ife encapsulation module
2017-02-03 15:16:45 -05:00
socket.c
tcp: mark skbs with SCM_TIMESTAMPING_OPT_STATS
2017-03-21 18:44:17 -07:00
sysctl_net.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2016-10-06 09:52:23 -07:00