mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/netfilter/ipvs
History
Mathias Krause 2d8a041b7b ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT) 
If at least one of CONFIG_IP_VS_PROTO_TCP or CONFIG_IP_VS_PROTO_UDP is
not set, __ip_vs_get_timeouts() does not fully initialize the structure
that gets copied to userland and that for leaks up to 12 bytes of kernel
stack. Add an explicit memset(0) before passing the structure to
__ip_vs_get_timeouts() to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Wensong Zhang <wensong@linux-vs.org>
Cc: Simon Horman <horms@verge.net.au>
Cc: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2012-08-15 21:36:31 -07:00
..
Kconfig Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2012-01-08 13:21:22 -08:00
Makefile IPVS: sip persistence engine 2010-10-04 22:45:24 +09:00
ip_vs_app.c net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
ip_vs_conn.c ipvs: optimize the use of flags in ip_vs_bind_dest 2012-05-08 19:40:49 +02:00
ip_vs_core.c netfilter: ipvs: switch hook PFs to nfproto 2012-06-07 14:58:43 +02:00
ip_vs_ctl.c ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT) 2012-08-15 21:36:31 -07:00
ip_vs_dh.c ipvs: DH scheduler does not need GFP_ATOMIC allocation 2012-05-08 19:37:20 +02:00
ip_vs_est.c IPVS: remove unused init and cleanup functions. 2011-06-14 09:07:32 +09:00
ip_vs_ftp.c ipvs: ip_vs_ftp: local functions should not be exposed globally 2012-05-08 19:40:52 +02:00
ip_vs_lblc.c ipvs: LBLC scheduler does not need GFP_ATOMIC allocation on init 2012-05-08 19:37:17 +02:00
ip_vs_lblcr.c ipvs: LBLCR scheduler does not need GFP_ATOMIC allocation on init 2012-05-08 19:37:26 +02:00
ip_vs_lc.c ipvs: unify the formula to estimate the overhead of processing connections 2011-02-25 11:35:41 +09:00
ip_vs_nfct.c ipvs: Remove unused parameter from ip_vs_confirm_conntrack() 2011-11-01 09:19:29 +01:00
ip_vs_nq.c ipvs: make "no destination available" message more informative 2011-02-16 14:53:33 +09:00
ip_vs_pe.c IPVS: Backup, Adding Version 1 receive capability 2010-11-25 10:42:59 +09:00
ip_vs_pe_sip.c net: fix assignment of 0/1 to bool variables. 2011-12-19 22:27:29 -05:00
ip_vs_proto.c ipvs: ip_vs_proto: local functions should not be exposed globally 2012-05-08 19:40:54 +02:00
ip_vs_proto_ah_esp.c IPVS: netns, connection hash got net as param. 2011-01-13 10:30:28 +09:00
ip_vs_proto_sctp.c ipvs: take care of return value from protocol init_netns 2012-04-30 10:40:35 +02:00
ip_vs_proto_tcp.c ipvs: take care of return value from protocol init_netns 2012-04-30 10:40:35 +02:00
ip_vs_proto_udp.c ipvs: take care of return value from protocol init_netns 2012-04-30 10:40:35 +02:00
ip_vs_rr.c ipvs: make "no destination available" message more informative 2011-02-16 14:53:33 +09:00
ip_vs_sched.c ipvs: make "no destination available" message more informative 2011-02-16 14:53:33 +09:00
ip_vs_sed.c ipvs: make "no destination available" message more informative 2011-02-16 14:53:33 +09:00
ip_vs_sh.c ipvs: SH scheduler does not need GFP_ATOMIC allocation 2012-05-08 19:37:28 +02:00
ip_vs_sync.c ipvs: add support for sync threads 2012-05-08 19:40:33 +02:00
ip_vs_wlc.c ipvs: unify the formula to estimate the overhead of processing connections 2011-02-25 11:35:41 +09:00
ip_vs_wrr.c ipvs: WRR scheduler does not need GFP_ATOMIC allocation 2012-05-08 19:37:22 +02:00
ip_vs_xmit.c net: Pass optional SKB and SK arguments to dst_ops->{update_pmtu,redirect}() 2012-07-17 03:29:28 -07:00