raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-08 10:59:46 +00:00
Code Issues Projects Releases Wiki Activity
Files
0756cc4526d3dd66ef19cbe7f81dcb51b203f0e6
linux/net/netfilter
History
Wander Lairson Costa b63b4e1145 netfilter: xt_sctp: validate the flag_info count 
commit e994764976 upstream.

sctp_mt_check doesn't validate the flag_count field. An attacker can
take advantage of that to trigger a OOB read and leak memory
information.

Add the field validation in the checkentry function.

Fixes: 2e4e6a17af ("[NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables")
Cc: stable@vger.kernel.org
Reported-by: Lucas Leong <wmliang@infosec.exchange>
Signed-off-by: Wander Lairson Costa <wander@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-09-13 09:48:37 +02:00
..
ipset
netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
2023-09-13 09:48:37 +02:00
ipvs
ipvs: fix racy memcpy in proc_do_sync_threshold
2023-08-23 17:32:46 +02:00
core.c
netfilter: conntrack: fix possible bug_on with enable_hooks=1
2023-05-10 08:50:39 +02:00
Kconfig
bpf: add bpf_link support for BPF_NETFILTER programs
2023-04-21 11:34:14 -07:00
Makefile
bpf: add bpf_link support for BPF_NETFILTER programs
2023-04-21 11:34:14 -07:00
nf_bpf_link.c
bpf: add test_run support for netfilter program type
2023-04-21 11:34:50 -07:00
nf_conncount.c
netfilter: nf_conncount: reduce unnecessary GC
2022-05-16 13:05:40 +02:00
nf_conntrack_acct.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_amanda.c
nf_conntrack_bpf.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-04-26 10:17:46 +02:00
nf_conntrack_broadcast.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nf_conntrack_core.c
netfilter: conntrack: don't fold port numbers into addresses before hashing
2023-07-23 13:53:36 +02:00
nf_conntrack_ecache.c
netfilter: ctnetlink: make event listener tracking global
2023-02-22 00:28:47 +01:00
nf_conntrack_expect.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_conntrack_extend.c
netfilter: extensions: introduce extension genid count
2022-05-13 18:52:16 +02:00
nf_conntrack_ftp.c
netfilter: nf_ct_ftp: fix deadlock when nat rewrite is needed
2022-09-20 23:50:03 +02:00
nf_conntrack_h323_asn1.c
netfilter: Use fallthrough pseudo-keyword
2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c
netfilter: nf_ct_h323: cap packet size at 64k
2022-08-11 16:50:49 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c
netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
2023-07-19 16:37:02 +02:00
nf_conntrack_irc.c
netfilter: nf_conntrack_irc: Tighten matching on DCC message
2022-09-07 15:55:23 +02:00
nf_conntrack_labels.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_netbios_ns.c
netfilter: nf_conntrack_netbios_ns: fix helper module alias
2022-01-11 10:41:44 +01:00
nf_conntrack_netlink.c
netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
2023-05-17 14:15:57 +02:00
nf_conntrack_ovs.c
netfilter: use nf_ip6_check_hbh_len in nf_ct_skb_network_trim
2023-03-08 14:25:41 +01:00
nf_conntrack_pptp.c
netfilter: nf_conntrack: add missing __rcu annotations
2022-07-11 16:25:15 +02:00
nf_conntrack_proto_dccp.c
netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
2023-07-19 16:35:37 +02:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c
netfilter: conntrack: set icmpv6 redirects as RELATED
2022-11-30 23:01:20 +01:00
nf_conntrack_proto_sctp.c
netfilter: set default timeout to 3 secs for sctp shutdown send and recv state
2023-08-23 17:32:46 +02:00
nf_conntrack_proto_tcp.c
netfilter: let reset rules clean out conntrack entries
2023-02-17 13:04:56 +01:00
nf_conntrack_proto_udp.c
netfilter: conntrack: udp: fix seen-reply test
2023-02-01 12:18:51 +01:00
nf_conntrack_proto.c
netfilter: conntrack: remove pr_debug calls
2023-01-18 13:05:24 +01:00
nf_conntrack_sane.c
netfilter: nf_ct_sane: remove pseudo skb linearization
2022-08-11 16:50:25 +02:00
nf_conntrack_seqadj.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
2023-07-19 16:35:37 +02:00
nf_conntrack_snmp.c
nf_conntrack_standalone.c
netfilter: conntrack: fix possible bug_on with enable_hooks=1
2023-05-10 08:50:39 +02:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nf_conntrack_timestamp.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_dup_netdev.c
netfilter: nf_dup_netdev: add and use recursion counter
2022-06-21 10:50:41 +02:00
nf_flow_table_core.c
net/sched: act_ct: Fix promotion of offloaded unreplied tuple
2023-06-14 09:56:50 +02:00
nf_flow_table_inet.c
netfilter: flowtable: cache info of last offload
2023-02-03 09:31:24 +00:00
nf_flow_table_ip.c
net: move gso declarations and functions to their own files
2023-08-11 12:14:12 +02:00
nf_flow_table_offload.c
netfilter: flowtable: cache info of last offload
2023-02-03 09:31:24 +00:00
nf_flow_table_procfs.c
netfilter: nf_flow_table: count pending offload workqueue tasks
2022-07-11 16:25:14 +02:00
nf_hooks_lwtunnel.c
netfilter: add netfilter hooks to SRv6 data plane
2021-08-30 01:51:36 +02:00
nf_internals.h
netfilter: ctnetlink: add kernel side filtering for dump
2020-05-27 22:20:34 +02:00
nf_log_syslog.c
netfilter: use skb_ip_totlen and iph_totlen
2023-02-01 20:54:27 -08:00
nf_log.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
nf_nat_amanda.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_bpf.c
bpf: Add __bpf_kfunc tag to all kfuncs
2023-02-02 00:25:14 +01:00
nf_nat_core.c
netfilter: nat: fix indentation of function arguments
2023-03-08 14:25:44 +01:00
nf_nat_ftp.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_helper.c
treewide: use get_random_u32_below() instead of deprecated function
2022-11-18 02:15:15 +01:00
nf_nat_irc.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_masquerade.c
netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
2022-05-13 18:56:27 +02:00
nf_nat_ovs.c
net: move the nat function to nf_nat_ovs for ovs and tc
2022-12-12 10:14:03 +00:00
nf_nat_proto.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs
2023-03-22 21:48:59 +01:00
nf_nat_sip.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_tftp.c
nf_queue.c
netfilter: nf_queue: handle socket prefetch
2022-03-01 11:51:15 +01:00
nf_sockopt.c
netfilter: switch nf_setsockopt to sockptr_t
2020-07-24 15:41:54 -07:00
nf_synproxy_core.c
ip: Fix data-races around sysctl_ip_default_ttl.
2022-07-15 11:49:55 +01:00
nf_tables_api.c
netfilter: nf_tables: use correct lock to protect gc_list
2023-08-30 14:52:33 +02:00
nf_tables_core.c
netfilter: nf_tables: do not store rule in traceinfo structure
2023-04-22 01:39:41 +02:00
nf_tables_offload.c
netfilter: nf_tables: bail out early if hardware offload is not supported
2022-06-06 19:19:15 +02:00
nf_tables_trace.c
netfilter: nf_tables: do not store rule in traceinfo structure
2023-04-22 01:39:41 +02:00
nfnetlink_acct.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nfnetlink_cttimeout.c
netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exit
2022-06-17 23:31:20 +02:00
nfnetlink_hook.c
netfilter: nfnetlink hook: dump bpf prog id
2023-04-21 11:34:14 -07:00
nfnetlink_log.c
netfilter: nfnetlink_log: remove rcu_bh usage
2023-03-30 22:20:09 +02:00
nfnetlink_osf.c
netfilter: nfnetlink_osf: fix module autoload
2023-06-20 22:43:42 +02:00
nfnetlink_queue.c
net: move gso declarations and functions to their own files
2023-08-11 12:14:12 +02:00
nfnetlink.c
netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
2023-06-08 04:00:02 +02:00
nft_bitwise.c
netfilter: nft_bitwise: fix register tracking
2023-06-07 00:43:43 +02:00
nft_byteorder.c
netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
2023-07-19 16:37:02 +02:00
nft_chain_filter.c
netfilter: nf_tables: always release netdev hooks from notifier
2023-05-10 08:50:18 +02:00
nft_chain_nat.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_route.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_cmp.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_compat.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_connlimit.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_counter.c
netfilter: nf_tables: Introduce NFT_MSG_GETRULE_RESET
2022-11-15 10:53:17 +01:00
nft_ct_fast.c
netfilter: nf_tables: fix ct untracked match breakage
2023-05-03 13:49:08 +02:00
nft_ct.c
netfilter: nf_tables: avoid retpoline overhead for some ct expression calls
2023-01-18 13:05:25 +01:00
nft_dup_netdev.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_dynset.c
netfilter: nft_dynset: disallow object maps
2023-08-23 17:32:46 +02:00
nft_exthdr.c
netfilter: nft_exthdr: Fix non-linear header modification
2023-09-13 09:48:37 +02:00
nft_fib_inet.c
netfilter: nft_fib: add reduce support
2022-03-20 00:29:47 +01:00
nft_fib_netdev.c
netfilter: nft_fib: add reduce support
2022-03-20 00:29:47 +01:00
nft_fib.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_flow_offload.c
netfilter: nf_tables: report use refcount overflow
2023-07-23 13:53:36 +02:00
nft_fwd_netdev.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_hash.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_immediate.c
netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
2023-08-03 10:25:53 +02:00
nft_inner.c
netfilter: nf_tables: Introduce NFT_MSG_GETRULE_RESET
2022-11-15 10:53:17 +01:00
nft_last.c
netfilter: nft_last: copy content when cloning expression
2023-03-01 17:23:23 +01:00
nft_limit.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_log.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_lookup.c
netfilter: nf_tables: deactivate anonymous set from preparation phase
2023-05-03 08:24:32 +02:00
nft_masq.c
netfilter: nft_masq: deduplicate eval call-backs
2023-03-22 21:48:59 +01:00
nft_meta.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_nat.c
netfilter: nft_nat: correct length for loading protocol registers
2023-03-08 12:25:59 +01:00
nft_numgen.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_objref.c
netfilter: nf_tables: report use refcount overflow
2023-07-23 13:53:36 +02:00
nft_osf.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_payload.c
netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
2023-01-11 19:18:04 +01:00
nft_queue.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_quota.c
netfilter: nft_quota: copy content when cloning expression
2023-03-01 17:23:23 +01:00
nft_range.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_redir.c
netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs
2023-03-22 21:48:59 +01:00
nft_reject_inet.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_reject_netdev.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_reject.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_rt.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_set_bitmap.c
netfilter: nf_tables: drop map element references from preparation phase
2023-06-20 22:43:40 +02:00
nft_set_hash.c
netfilter: nf_tables: defer gc run if previous batch is still pending
2023-08-30 14:52:34 +02:00
nft_set_pipapo_avx2.c
netfilter: nft_set_pipapo_avx2: remove redundant pointer lt
2021-12-24 16:58:17 +01:00
nft_set_pipapo_avx2.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo.c
netfilter: nf_tables: fix kdoc warnings after gc rework
2023-08-30 14:52:45 +02:00
nft_set_pipapo.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_rbtree.c
netfilter: nf_tables: defer gc run if previous batch is still pending
2023-08-30 14:52:34 +02:00
nft_socket.c
net: annotate data-races around sk->sk_mark
2023-08-11 12:14:13 +02:00
nft_synproxy.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_tproxy.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_tunnel.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_xfrm.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
utils.c
netfilter: move br_nf_check_hbh_len to utils
2023-03-08 14:25:40 +01:00
x_tables.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
xt_addrtype.c
xt_AUDIT.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
xt_bpf.c
bpf: Refactor BPF_PROG_RUN into a function
2021-08-17 00:45:07 +02:00
xt_cgroup.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_connmark.c
netfilter: conntrack: Fix data-races around ct mark
2022-11-18 15:21:00 +01:00
xt_CONNSECMARK.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_conntrack.c
xt_cpu.c
xt_CT.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_DSCP.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_ecn.c
xt_esp.c
xt_hashlimit.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_helper.c
xt_hl.c
xt_HL.c
xt_HMARK.c
netfilter: xt_HMARK: Use ip_is_fragment() helper
2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
driver core: class: remove module * from class_create()
2023-03-17 15:16:33 +01:00
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_LED.c
treewide: Convert del_timer*() to timer_shutdown*()
2022-12-25 13:38:09 -08:00
xt_length.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
2023-02-22 21:25:23 -08:00
xt_limit.c
netfilter: x_tables: improve limit_mt scalability
2021-05-29 01:04:52 +02:00
xt_LOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_mac.c
xt_mark.c
xt_MASQUERADE.c
xt_multiport.c
xt_nat.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
xt_NETMAP.c
xt_nfacct.c
netfilter: Remove unnecessary conversion to bool
2020-12-01 09:45:29 +01:00
xt_NFLOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_NFQUEUE.c
xt_osf.c
netfilter: nfnetlink_osf: fix module autoload
2023-06-20 22:43:42 +02:00
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_RATEEST.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
xt_realm.c
xt_recent.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_REDIRECT.c
netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs
2023-03-22 21:48:59 +01:00
xt_repldata.h
xt_sctp.c
netfilter: xt_sctp: validate the flag_info count
2023-09-13 09:48:37 +02:00
xt_SECMARK.c
netfilter: xt_SECMARK: add new revision to fix structure layout
2021-05-03 23:02:44 +02:00
xt_set.c
xt_socket.c
net: annotate data-races around sk->sk_mark
2023-08-11 12:14:13 +02:00
xt_state.c
xt_statistic.c
treewide: use get_random_u32() when possible
2022-10-11 17:42:58 -06:00
xt_string.c
xt_tcpmss.c
xt_TCPMSS.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xtables: move icmp/icmpv6 logic to xt_tcpudp
2023-03-22 21:48:59 +01:00
xt_TEE.c
xt_time.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_TPROXY.c
netfilter: xt_TPROXY: remove pr_debug invocations
2022-07-21 00:56:00 +02:00
xt_TRACE.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_u32.c
netfilter: xt_u32: validate user space input
2023-09-13 09:48:37 +02:00