Maxim Mikityanskiy 6defc77d48 netfilter: synproxy: Fix out of bounds when parsing TCP options
[ Upstream commit 5fc177ab75 ]

The TCP option parser in synproxy (synproxy_parse_options) could read
one byte out of bounds. When the length is 1, the execution flow gets
into the loop, reads one byte of the opcode, and if the opcode is
neither TCPOPT_EOL nor TCPOPT_NOP, it reads one more byte, which exceeds
the length of 1.

This fix is inspired by commit 9609dad263 ("ipv4: tcp_input: fix stack
out of bounds when parsing TCP options.").

v2 changes:

Added an early return when length < 0 to avoid calling
skb_header_pointer with negative length.

Cc: Young Xiao <92siuyang@gmail.com>
Fixes: 48b1de4c11 ("netfilter: add SYNPROXY core/target")
Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-06-23 14:41:25 +02:00
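
The bounds checks described in the commit message above, shown as an added userspace example that is not the kernel's synproxy code. The function name parse_tcp_options, its return values and the sample buffers are assumptions of this example, and it walks a plain byte buffer rather than using skb_header_pointer.

```c
#include <stdint.h>
#include <stdio.h>

enum { TCPOPT_EOL = 0, TCPOPT_NOP = 1, TCPOPT_MSS = 2, TCPOLEN_MSS = 4 };

/* Walk `length` bytes of TCP options without reading past the end.
 * Returns 0 on success, -1 if the list is truncated or inconsistent.
 * *mss is set only when a well-formed MSS option is found. */
int parse_tcp_options(const uint8_t *ptr, int length, uint16_t *mss)
{
    if (length < 0)                 /* refuse a negative length up front */
        return -1;
    while (length > 0) {
        int opcode = *ptr++;
        int opsize;

        if (opcode == TCPOPT_EOL)
            return 0;
        if (opcode == TCPOPT_NOP) { /* one-byte option, no length field */
            length--;
            continue;
        }
        /* Every other option carries a length byte. With one byte left,
         * reading it would be the one-byte out-of-bounds read. */
        if (length < 2)
            return -1;
        opsize = *ptr++;
        if (opsize < 2 || opsize > length)
            return -1;              /* too short, or runs past the buffer */
        if (opcode == TCPOPT_MSS && opsize == TCPOLEN_MSS)
            *mss = (uint16_t)((ptr[0] << 8) | ptr[1]);
        ptr += opsize - 2;
        length -= opsize;
    }
    return 0;
}

int main(void)
{
    /* Constructed inputs: a valid MSS option, and a lone opcode byte. */
    const uint8_t good[] = { TCPOPT_NOP, TCPOPT_MSS, TCPOLEN_MSS, 0x05, 0xb4 };
    const uint8_t cut[]  = { TCPOPT_MSS };
    uint16_t mss = 0;

    printf("good: %d\n", parse_tcp_options(good, sizeof(good), &mss));
    printf("mss:  %u\n", mss);
    printf("cut:  %d\n", parse_tcp_options(cut, sizeof(cut), &mss));
    return 0;
}
```
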
arch kvm: LAPIC: Restore guard to prevent illegal APIC register access 2021-06-23 14:41:23 +02:00
block blk-mq: Swap two calls in blk_mq_exit_queue() 2021-05-19 10:08:30 +02:00
certs certs: Fix blacklist flag type confusion 2021-03-04 10:26:29 +01:00
crypto crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS 2021-05-11 14:04:15 +02:00
Documentation XArray: add xas_split 2021-06-10 13:37:14 +02:00
drivers net/mlx5e: Block offload of outer header csum for UDP tunnels 2021-06-23 14:41:25 +02:00
fs afs: Fix an IS_ERR() vs NULL check 2021-06-23 14:41:23 +02:00
include net/mlx5e: Fix page reclaim for dead peer hairpin 2021-06-23 14:41:24 +02:00
init pid: take a reference when initializing cad_pid 2021-06-10 13:37:11 +02:00
ipc ipc/util.c: sysvipc_find_ipc() incorrectly updates position index 2020-05-20 08:20:16 +02:00
kernel tracing: Correct the length check which causes memory corruption 2021-06-16 11:59:46 +02:00
lib lib/lz4: explicitly support in-place decompression 2021-06-10 13:37:16 +02:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm mm/memory-failure: make sure wait for page writeback in memory_failure 2021-06-23 14:41:23 +02:00
net netfilter: synproxy: Fix out of bounds when parsing TCP options 2021-06-23 14:41:25 +02:00
samples samples: vfio-mdev: fix error handing in mdpy_fb_probe() 2021-06-10 13:37:03 +02:00
scripts scripts: switch explicitly to Python 3 2021-05-22 11:38:30 +02:00
security security: commoncap: fix -Wstringop-overread warning 2021-05-11 14:04:16 +02:00
sound ASoC: sti-sas: add missing MODULE_DEVICE_TABLE 2021-06-16 11:59:33 +02:00
tools perf session: Correct buffer copying when peeking events 2021-06-16 11:59:45 +02:00
usr initramfs: restore default compression behavior 2020-04-08 09:08:38 +02:00
virt KVM: arm64: Initialize VCPU mdcr_el2 before loading it 2021-05-22 11:38:30 +02:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore Modules updates for v5.4 2019-09-22 10:34:46 -07:00
.mailmap ARM: SoC fixes 2019-11-10 13:41:59 -08:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer 2019-10-10 08:12:51 -07:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS Documentation/llvm: add documentation on building w/ Clang/LLVM 2020-08-26 10:40:46 +02:00
Makefile Linux 5.4.127 2021-06-18 09:59:00 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.