CVE-2015-8569 info leak from getsockname (rhbz 1292045 1292047)
This commit is contained in:
parent
c7cc20ad82
commit
3440fd73da
@ -625,6 +625,9 @@ Patch590: 0014-mfd-intel-lpss-Pass-SDA-hold-time-to-I2C-host-contro.patch
|
|||||||
Patch591: 0015-mfd-intel-lpss-Pass-HSUART-configuration-via-propert.patch
|
Patch591: 0015-mfd-intel-lpss-Pass-HSUART-configuration-via-propert.patch
|
||||||
Patch592: 0016-i2c-designware-Convert-to-use-unified-device-propert.patch
|
Patch592: 0016-i2c-designware-Convert-to-use-unified-device-propert.patch
|
||||||
|
|
||||||
|
#CVE-2015-8569 rhbz 1292045 1292047
|
||||||
|
Patch600: pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch
|
||||||
|
|
||||||
# END OF PATCH DEFINITIONS
|
# END OF PATCH DEFINITIONS
|
||||||
|
|
||||||
%endif
|
%endif
|
||||||
@ -2068,6 +2071,9 @@ fi
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Dec 17 2015 Josh Boyer <jwboyer@fedoraproject.org>
|
||||||
|
- CVE-2015-8569 info leak from getsockname (rhbz 1292045 1292047)
|
||||||
|
|
||||||
* Wed Dec 16 2015 Laura Abbott <labbott@redhat.com>
|
* Wed Dec 16 2015 Laura Abbott <labbott@redhat.com>
|
||||||
- Enable a set of RDMA drivers (rhbz 1291902)
|
- Enable a set of RDMA drivers (rhbz 1291902)
|
||||||
|
|
||||||
|
39
pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch
Normal file
39
pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
From 16c5a158e97d5b1f6c8bf86b006c1349f025d4e0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: WANG Cong <xiyou.wangcong@gmail.com>
|
||||||
|
Date: Mon, 14 Dec 2015 13:48:36 -0800
|
||||||
|
Subject: [PATCH] pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
|
||||||
|
|
||||||
|
Reported-by: Dmitry Vyukov <dvyukov@gmail.com>
|
||||||
|
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
|
||||||
|
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||||
|
---
|
||||||
|
drivers/net/ppp/pptp.c | 6 ++++++
|
||||||
|
1 file changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
|
||||||
|
index fc69e41d0950..597c53e0a2ec 100644
|
||||||
|
--- a/drivers/net/ppp/pptp.c
|
||||||
|
+++ b/drivers/net/ppp/pptp.c
|
||||||
|
@@ -419,6 +419,9 @@ static int pptp_bind(struct socket *sock, struct sockaddr *uservaddr,
|
||||||
|
struct pptp_opt *opt = &po->proto.pptp;
|
||||||
|
int error = 0;
|
||||||
|
|
||||||
|
+ if (sockaddr_len < sizeof(struct sockaddr_pppox))
|
||||||
|
+ return -EINVAL;
|
||||||
|
+
|
||||||
|
lock_sock(sk);
|
||||||
|
|
||||||
|
opt->src_addr = sp->sa_addr.pptp;
|
||||||
|
@@ -440,6 +443,9 @@ static int pptp_connect(struct socket *sock, struct sockaddr *uservaddr,
|
||||||
|
struct flowi4 fl4;
|
||||||
|
int error = 0;
|
||||||
|
|
||||||
|
+ if (sockaddr_len < sizeof(struct sockaddr_pppox))
|
||||||
|
+ return -EINVAL;
|
||||||
|
+
|
||||||
|
if (sp->sa_protocol != PX_PROTO_PPTP)
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.5.0
|
||||||
|
|
Loading…
Reference in New Issue
Block a user