iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Mathias Krause 4c87308bde xfrm_user: fix info leak in copy_to_user_auth() 
copy_to_user_auth() fails to initialize the remainder of alg_name and
therefore discloses up to 54 bytes of heap memory via netlink to
userland.

Use strncpy() instead of strcpy() to fill the trailing bytes of alg_name
with null bytes.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00
..
9p
net: Fix (nearly-)kernel-doc comments for various functions
2012-07-10 23:13:45 -07:00
802
tokenring: delete all remaining driver support
2012-05-15 20:23:16 -04:00
8021q
vlan: clean up vlan_dev_hard_start_xmit()
2012-08-14 14:33:32 -07:00
appletalk
net: Fix (nearly-)kernel-doc comments for various functions
2012-07-10 23:13:45 -07:00
atm
atm: fix info leak via getsockname()
2012-08-15 21:36:30 -07:00
ax25
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2012-07-19 11:17:30 -07:00
batman-adv
batman-adv: make batadv_test_bit() return 0 or 1 only
2012-09-19 15:49:53 -04:00
bluetooth
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem
2012-09-07 14:38:50 -04:00
bridge
netfilter: log: Fix log-level processing
2012-09-12 17:17:35 +02:00
caif
caif: move the dereference below the NULL test
2012-09-10 16:13:31 -04:00
can
can: gw: Remove pointless casts
2012-07-10 22:36:17 +02:00
ceph
libceph: avoid truncation due to racing banners
2012-08-21 15:55:27 -07:00
core
net/core: fix comment in skb_try_coalesce
2012-09-19 17:29:13 -04:00
dcb
net: Fix non-kernel-doc comments with kernel-doc start marker
2012-07-10 23:13:45 -07:00
dccp
dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO)
2012-08-15 21:36:31 -07:00
decnet
ipv4: Restore old dst_free() behavior.
2012-07-31 14:41:38 -07:00
dns_resolver
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2012-05-21 20:27:36 -07:00
dsa
dsa: Convert compare_ether_addr to ether_addr_equal
2012-05-09 20:49:19 -04:00
ethernet
ipx: move peII functions
2012-07-19 10:48:00 -07:00
ieee802154
6lowpan: Change byte order when storing/accessing to len field
2012-07-16 22:52:02 -07:00
ipv4
tcp: restore rcv_wscale in a repair mode (v2)
2012-09-20 17:49:58 -04:00
ipv6
ipv6: use DST_* macro to set obselete field
2012-09-18 15:57:04 -04:00
ipx
ipx: move peII functions
2012-07-19 10:48:00 -07:00
irda
irda: Fix typo in irda
2012-07-16 23:23:52 -07:00
iucv
net: remove skb_orphan_try()
2012-06-15 15:30:15 -07:00
key
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
l2tp
l2tp: fix a typo in l2tp_eth_dev_recv()
2012-09-04 15:54:55 -04:00
lapb
lapb: Neaten debugging
2012-05-17 18:45:20 -04:00
llc
llc: fix info leak via getsockname()
2012-08-15 21:36:31 -07:00
mac80211
Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
2012-09-05 14:48:15 -04:00
mac802154
mac802154: sparse warnings: make symbols static
2012-07-12 07:54:45 -07:00
netfilter
netfilter: log: Fix log-level processing
2012-09-12 17:17:35 +02:00
netlabel
netlabel: use GFP flags from caller instead of GFP_ATOMIC
2012-03-22 19:29:57 -04:00
netlink
netlink: fix possible spoofing from non-root processes
2012-08-24 13:36:09 -04:00
netrom
netrom: copy_datagram_iovec can fail
2012-09-04 12:57:35 -04:00
nfc
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
2012-07-20 12:30:48 -04:00
openvswitch
openvswitch: Fix FLOW_BUFSIZE definition.
2012-09-03 19:06:27 -07:00
packet
af_packet: match_fanout_group() can be static
2012-08-23 09:27:12 -07:00
phonet
net: remove my future former mail address
2012-06-17 16:29:38 -07:00
rds
rds: set correct msg_namelen
2012-07-23 01:01:44 -07:00
rfkill
rfkill: Add the capability to switch all devices of all type in __rfkill_switch_all().
2012-06-06 15:18:17 -04:00
rose
net: Convert all sysctl registrations to register_net_sysctl
2012-04-20 21:22:30 -04:00
rxrpc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2012-07-10 23:56:33 -07:00
sched
pkt_sched: fix virtual-start-time update in QFQ
2012-09-19 16:23:53 -04:00
sctp
sctp: Don't charge for data in sndbuf again when transmitting packet
2012-09-03 13:24:13 -04:00
sunrpc
NFS client bugfixes for Linux 3.6
2012-09-13 09:04:13 +08:00
tipc
tipc: remove print_buf and deprecated log buffer code
2012-07-13 19:34:43 -04:00
unix
af_netlink: force credentials passing [CVE-2012-3520]
2012-08-21 14:53:01 -07:00
wanrouter
wanmain: comparing array with NULL
2012-07-24 13:55:21 -07:00
wimax
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
wireless
Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
2012-09-05 14:48:15 -04:00
x25
net: Fix (nearly-)kernel-doc comments for various functions
2012-07-10 23:13:45 -07:00
xfrm
xfrm_user: fix info leak in copy_to_user_auth()
2012-09-20 18:08:39 -04:00
compat.c
net: Fix references to out-of-scope variables in put_cmsg_compat()
2012-07-22 17:50:49 -07:00
Kconfig
net: drop NET dependency from HAVE_BPF_JIT
2012-05-21 12:50:12 -07:00
Makefile
econet: remove ancient bug ridden protocol
2012-05-18 01:35:08 -04:00
nonet.c
socket.c
Fix order of arguments to compat_put_time[spec|val]
2012-09-05 18:34:13 -07:00
sysctl_net.c
net: delete all instances of special processing for token ring
2012-05-15 20:14:35 -04:00