lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6d381634d2
android_kernel_xiaomi_sm8350/net
History
Patrick McHardy 6d381634d2 [NETFILTER]: Fix ip6_tables extension header bypass bug 
As reported by Mark Dowd <Mark_Dowd@McAfee.com>, ip6_tables is susceptible
to a fragmentation attack causing false negatives on extension header matches.

When extension headers occur in the non-first fragment after the fragment
header (possibly with an incorrect nexthdr value in the fragment header)
a rule looking for this extension header will never match.

Drop fragments that are at offset 0 and don't contain the final protocol
header regardless of the ruleset, since this should not happen normally.
Since all extension headers are before the protocol header this makes sure
an extension header is either not present or in the first fragment, where
we can properly parse it.

With help from Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-24 16:15:10 -07:00
..
802
8021q [PATCH] Finish annotations of struct vlan_ethhdr 2006-10-10 16:15:34 -07:00
appletalk
atm [ATM]: handle sysfs errors 2006-10-21 19:55:22 -07:00
ax25
bluetooth [Bluetooth] Fix HID disconnect NULL pointer dereference 2006-10-20 01:15:05 -07:00
bridge [BRIDGE]: flush forwarding table when device carrier off 2006-10-15 23:14:13 -07:00
core Merge branch 'we21-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 into tmp 2006-10-21 14:11:15 -04:00
dccp [DCCP] ipv6: Fix opt_skb leak. 2006-10-21 19:55:21 -07:00
decnet [DECNET]: Fix input routing bug 2006-10-18 20:45:22 -07:00
econet
ethernet [NET]: Annotate dst_ops protocol 2006-09-28 18:02:58 -07:00
ieee80211 [PATCH] sotftmac: fix a slab corruption in WEP restricted key association 2006-10-17 10:15:58 -04:00
ipv4 [IPV4] ipconfig: fix RARP ic_servaddr breakage 2006-10-24 15:18:36 -07:00
ipv6 [NETFILTER]: Fix ip6_tables extension header bypass bug 2006-10-24 16:15:10 -07:00
ipx
irda [PATCH] strndup() would better take size_t, not int 2006-10-10 15:37:24 -07:00
key IPsec: correct semantics for SELinux policy matching 2006-10-11 23:59:37 -07:00
lapb
llc
netfilter [NETFILTER]: ctnetlink: Remove debugging messages 2006-10-15 23:14:11 -07:00
netlabel NetLabel: fix a cache race condition 2006-10-11 23:59:29 -07:00
netlink
netrom
packet
rose
rxrpc [PATCH] kmemdup: some users 2006-10-01 00:39:19 -07:00
sched [PKT_SCHED] netem: Orphan SKB when adding to queue. 2006-10-22 21:00:33 -07:00
sctp [IPV6]: Make sure error handling is done when calling ip6_route_output(). 2006-10-18 19:55:27 -07:00
sunrpc [PATCH] knfsd: fix race that can disable NFS server 2006-10-20 10:26:44 -07:00
tipc [TIPC]: Updated TIPC version number to 1.6.2 2006-10-18 19:55:24 -07:00
unix
wanrouter
x25
xfrm [XFRM]: Fix xfrm_state accounting 2006-10-24 15:34:00 -07:00
compat.c [NET]: File descriptor loss while receiving SCM_RIGHTS 2006-10-11 23:59:48 -07:00
Kconfig
Makefile
nonet.c
socket.c [PATCH] file: modify struct fown_struct to use a struct pid 2006-10-02 07:57:14 -07:00
sysctl_net.c
TUNABLE