Re: [PATCH nf] netfilter/xt_u32: validate user space input

From: Pablo Neira Ayuso
Date: Wed Aug 30 2023 - 15:05:55 EST


On Mon, Aug 28, 2023 at 10:21:07AM -0300, Wander Lairson Costa wrote:
> The xt_u32 module doesn't validate the fields in the xt_u32 structure.
> An attacker may take advantage of this to trigger an OOB read by setting
> the size fields with a value beyond the array boundaries.
>
> Add a checkentry function to validate the structure.
>
> This was originally reported by the ZDI project (ZDI-CAN-18408).

Applied to nf, thanks
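
The kind of check the quoted commit message describes, as an added example that is not the applied patch or kernel code: a user-space C model of a rule structure whose count fields are validated once at install time. The structure layout, the bound MODEL_MAXSIZE and every model_* name are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MODEL_MAXSIZE 10  /* assumed array bound for this model */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Simplified model of a rule blob copied in from user space: fixed-size
 * arrays plus user-controlled counts saying how many entries are in use. */
struct model_range { uint32_t min, max; };
struct model_test {
    uint32_t location[MODEL_MAXSIZE + 1];
    struct model_range value[MODEL_MAXSIZE + 1];
    uint8_t nnums;    /* entries used in location[] */
    uint8_t nvalues;  /* entries used in value[] */
};
struct model_rule {
    struct model_test tests[MODEL_MAXSIZE + 1];
    uint8_t ntests;   /* entries used in tests[] */
};

/* checkentry-style validation: run once when the rule is installed, so the
 * per-packet match loop can trust the counts. Returns 0 or -EINVAL. */
int model_checkentry(const struct model_rule *r)
{
    size_t i;

    if (r->ntests > ARRAY_LEN(r->tests))
        return -EINVAL;
    /* Only tests that are in use are inspected; ntests is already bounded. */
    for (i = 0; i < r->ntests; i++) {
        const struct model_test *t = &r->tests[i];

        if (t->nnums > ARRAY_LEN(t->location) ||
            t->nvalues > ARRAY_LEN(t->value))
            return -EINVAL;
    }
    return 0;
}

/* Constructed sample input: a zeroed rule with the given counts set. */
int model_check_sample(uint8_t ntests, uint8_t nnums, uint8_t nvalues)
{
    static struct model_rule r;

    memset(&r, 0, sizeof(r));
    r.ntests = ntests;
    r.tests[0].nnums = nnums;
    r.tests[0].nvalues = nvalues;
    return model_checkentry(&r);
}
```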