Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net
History
Marcelo Leitner 84a5789882 ipv6: addrconf: validate new MTU before applying it 
Currently we don't check if the new MTU is valid or not and this allows
one to configure a smaller than minimum allowed by RFCs or even bigger
than interface own MTU, which is a problem as it may lead to packet
drops.

If you have a daemon like NetworkManager running, this may be exploited
by remote attackers by forging RA packets with an invalid MTU, possibly
leading to a DoS. (NetworkManager currently only validates for values
too small, but not for too big ones.)

The fix is just to make sure the new value is valid. That is, between
IPV6_MIN_MTU and interface's MTU.

Note that similar check is already performed at
ndisc_router_discovery(), for when kernel itself parses the RA.

Change-Id: Id2c8fd3cb68ae157dc31d663e5439ddecc109c0c
Signed-off-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-10-29 23:12:12 +08:00
..
9p
802
8021q Revert "net: maintain namespace isolation between vlan and real device" 2012-05-10 23:03:34 -04:00
appletalk
atm
ax25 net: add validation for the socket syscall protocol argument 2016-10-29 23:12:11 +08:00
batman-adv
bluetooth bluetooth: Validate socket address length in sco_sock_bind(). 2016-10-29 23:12:11 +08:00
bridge Merge commit 'v3.4-rc6' into android-3.4 2012-05-07 18:20:34 -07:00
caif caif: Fix memory leakage in the chnl_net.c. 2012-04-13 11:01:44 -04:00
can
ceph
core net: guard tcp_set_keepalive() to tcp sockets 2016-10-29 23:12:11 +08:00
dcb
dccp ipv6: add complete rcu protection around np->opt 2016-06-17 02:54:32 +00:00
decnet net: add validation for the socket syscall protocol argument 2016-10-29 23:12:11 +08:00
dns_resolver
dsa
econet
ethernet
ieee802154 6lowpan: add missing spin_lock_init() 2012-04-26 05:32:55 -04:00
ipv4 net: add validation for the socket syscall protocol argument 2016-10-29 23:12:11 +08:00
ipv6 ipv6: addrconf: validate new MTU before applying it 2016-10-29 23:12:12 +08:00
ipx
irda net: add validation for the socket syscall protocol argument 2016-10-29 23:12:11 +08:00
iucv
key net/key/af_key.c: add missing kfree_skb 2012-04-13 11:01:44 -04:00
l2tp net/l2tp: don't fall back on UDP [get|set]sockopt 2014-07-24 15:36:39 -07:00
lapb
llc net: llc: use correct size for sysctl timeout entries 2016-10-29 23:12:10 +08:00
mac80211 ieee80211: Rename VHT cap struct 2013-09-04 12:43:32 -07:00
netfilter netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages 2016-10-29 23:12:11 +08:00
netlabel
netlink netlink: validate addr_len on bind 2013-07-03 10:34:22 -07:00
netrom
nfc NFC: Fix the LLCP Tx fragmentation loop 2012-04-11 15:09:33 -04:00
openvswitch openvswitch: checking wrong variable in queue_userspace_packet() 2012-05-13 15:47:34 -04:00
packet
phonet phonet: Sort out initiailziation and cleanup code. 2012-04-13 11:01:43 -04:00
rds
rfkill
rose
rxrpc
sched net: sched: export an api to enable/disable flow on sch 2013-03-07 15:20:04 -08:00
sctp sctp: check cached dst before using it 2012-05-10 23:15:47 -04:00
sunrpc sunrpc: Fix possibly uninitialized variable warnings 2016-10-29 23:12:09 +08:00
tipc
unix af_unix: use freezable blocking calls in read 2013-07-12 14:22:59 -07:00
wanrouter
wimax
wireless cfg80211: add flags to define country IE processing rules 2014-02-10 15:57:17 -08:00
x25
xfrm
activity_stats.c
compat.c net/compat.c,linux/filter.h: share compat_sock_fprog 2014-10-31 19:46:10 -07:00
Kconfig
Makefile
nonet.c
socket.c net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom 2016-06-15 06:22:38 +00:00
sysctl_net.c