iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Gavrilov Ilia 9ea4b476ce netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. 
When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of
an arithmetic expression 2 << (netmask - mask_bits - 1) is subject
to overflow due to a failure casting operands to a larger data type
before performing the arithmetic.

Note that it's harmless since the value will be checked at the next step.

Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.

Fixes: b9fed748185a ("netfilter: ipset: Check and reject crazy /0 input parameters")
Signed-off-by: Ilia.Gavrilov <Ilia.Gavrilov@infotecs.ru>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-01-11 19:18:04 +01:00
..
6lowpan
9p
9p-for-6.2-rc1
2022-12-23 11:39:18 -08:00
802
treewide: Convert del_timer*() to timer_shutdown*()
2022-12-25 13:38:09 -08:00
8021q
net: Remove the obsolte u64_stats_fetch_*_irq() users (net).
2022-10-28 20:13:54 -07:00
appletalk
atm
driver core: make struct class.dev_uevent() take a const *
2022-11-24 17:12:15 +01:00
ax25
ax25: af_ax25: Remove unnecessary (void*) conversions
2022-11-16 13:31:03 +00:00
batman-adv
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
bluetooth
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
bpf
New Feature:
2022-12-17 14:06:53 -06:00
bpfilter
bridge
treewide: Convert del_timer*() to timer_shutdown*()
2022-12-25 13:38:09 -08:00
caif
caif: fix memory leak in cfctrl_linkup_request()
2023-01-05 10:19:36 +01:00
can
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
ceph
Treewide: Stop corrupting socket's task_frag
2022-12-19 17:28:49 -08:00
core
gro: take care of DODGY packets
2023-01-09 07:37:07 +00:00
dcb
net: dcb: move getapptrust to separate function
2022-11-15 15:27:43 +01:00
dccp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-11-29 13:04:52 -08:00
dns_resolver
cred: Do not default to init_cred in prepare_kernel_cred()
2022-11-01 10:04:52 -07:00
dsa
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-12-13 09:49:29 +01:00
ethernet
net: ethernet: use sysfs_emit() to instead of scnprintf()
2022-12-07 20:02:44 -08:00
ethtool
net/ethtool/ioctl: split ethtool_get_phy_stats into multiple helpers
2022-12-28 11:55:24 +00:00
hsr
hsr: Use a single struct for self_node.
2022-12-01 20:26:22 -08:00
ieee802154
Merge tag 'ieee802154-for-net-next-2022-12-05' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan-next
2022-12-07 17:33:26 -08:00
ife
ipv4
Including fixes from bpf, wifi, and netfilter.
2023-01-05 12:40:50 -08:00
ipv6
ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
2023-01-11 12:49:13 +00:00
iucv
kcm
kcm: close race conditions on sk_receive_queue
2022-11-15 12:42:26 +01:00
key
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
2022-11-29 20:50:51 -08:00
l2tp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-11-29 13:04:52 -08:00
l3mdev
lapb
llc
mac80211
treewide: Convert del_timer*() to timer_shutdown*()
2022-12-25 13:38:09 -08:00
mac802154
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-12-08 18:19:59 -08:00
mctp
mctp: Remove device type check at unregister
2022-12-19 17:20:22 -08:00
mpls
net: Remove the obsolte u64_stats_fetch_*_irq() users (net).
2022-10-28 20:13:54 -07:00
mptcp
mptcp: fix lockdep false positive
2022-12-21 18:05:47 -08:00
ncsi
net/ncsi: Silence runtime memcpy() false positive warning
2022-12-06 17:29:14 -08:00
netfilter
netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.
2023-01-11 19:18:04 +01:00
netlabel
genetlink: start to validate reserved header bytes
2022-08-29 12:47:15 +01:00
netlink
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
netrom
nfc
nfc: Fix potential resource leaks
2022-12-26 09:09:23 +00:00
nsh
openvswitch
net: openvswitch: release vport resources on failure
2022-12-21 17:48:12 -08:00
packet
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
phonet
psample
genetlink: start to validate reserved header bytes
2022-08-29 12:47:15 +01:00
qrtr
rds
rds: remove redundant variable total_payload_len
2022-11-04 10:09:50 +00:00
rfkill
driver core: make struct class.dev_uevent() take a const *
2022-11-24 17:12:15 +01:00
rose
rose: Fix NULL pointer dereference in rose_send_frame()
2022-11-02 11:57:30 +00:00
rxrpc
rxrpc: Fix incoming call setup race
2023-01-07 09:30:26 +00:00
sched
net: sched: disallow noqueue for qdisc classes
2023-01-10 18:19:32 -08:00
sctp
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
smc
use less confusing names for iov_iter direction initializers
2022-11-25 13:01:55 -05:00
strparser
sunrpc
treewide: Convert del_timer*() to timer_shutdown*()
2022-12-25 13:38:09 -08:00
switchdev
tipc
tipc: fix unexpected link reset due to discovery messages
2023-01-06 12:53:10 +00:00
tls
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
unix
unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg()
2022-12-15 11:35:18 +01:00
vmw_vsock
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
wireless
Driver Core changes for 6.2-rc1
2022-12-16 03:54:54 -08:00
x25
net/x25: Fix skb leak in x25_lapb_receive_frame()
2022-11-15 20:22:19 -08:00
xdp
bpf: Expand map key argument of bpf_redirect_map to u64
2022-11-15 09:00:27 -08:00
xfrm
Treewide: Stop corrupting socket's task_frag
2022-12-19 17:28:49 -08:00
compat.c
use less confusing names for iov_iter direction initializers
2022-11-25 13:01:55 -05:00
devres.c
Kconfig
Kconfig.debug
net: make NET_(DEV|NS)_REFCNT_TRACKER depend on NET
2022-09-20 14:23:56 -07:00
Makefile
socket.c
Networking changes for 6.2.
2022-12-13 15:47:48 -08:00
sysctl_net.c