Date: Tue, 28 Feb 2017 17:23:09 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: Linux: ip: fix IP_CHECKSUM handling (CVE-2017-6347)

Hi

CVE-2017-6347 was assigned by MITRE to the following (via
https://cveform.mitre.org/):

https://git.kernel.org/linus/ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32

> ip: fix IP_CHECKSUM handling
>
> The skbs processed by ip_cmsg_recv() are not guaranteed to
> be linear e.g. when sending UDP packets over loopback with
> MSGMORE.
> Using csum_partial() on [potentially] the whole skb len
> is dangerous; instead be on the safe side and use skb_checksum().
>
> Thanks to syzkaller team to detect the issue and provide the
> reproducer.

The issue was introduced in 4.0 by commit ad6f939ab193. The fix was also
backported to 4.9.13.

Regards,
Salvatore
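The linear versus non-linear distinction in the quoted commit message, as a userspace model added here (not kernel code and not part of the original post): a checksum taken through the head pointer alone would run past the head when the range extends into fragments, while a fragment-aware walk covers the same bytes with bounds checks. `struct pkt`, `linear_covers` and `pkt_checksum` are hypothetical names and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Userspace model, hypothetical names: bytes split between a linear head
 * and extra fragments, as in a non-linear skb. */
struct frag { const uint8_t *data; size_t len; };
struct pkt { struct frag head, frags[4]; size_t nfrags, len; };

/* Constructed sample: 12 bytes total, 5 in the head, 7 in one fragment. */
const struct pkt sample = {
    .head = { (const uint8_t *)"ABCDE", 5 },
    .frags = { { (const uint8_t *)"FGHIJKL", 7 } },
    .nfrags = 1, .len = 12,
};

/* Would a head-pointer-only checksum of [off, off+len) stay inside the head? */
int linear_covers(const struct pkt *p, size_t off, size_t len)
{
    return off <= p->head.len && len <= p->head.len - off;
}

/* Fragment-aware 16-bit one's-complement sum; -1 if range is not backed by data. */
int pkt_checksum(const struct pkt *p, size_t off, size_t len, uint16_t *out)
{
    uint64_t sum = 0;
    size_t pos = 0;  /* byte parity: a 16-bit word may straddle two fragments */
    if (off > p->len || len > p->len - off)
        return -1;
    for (size_t i = 0; i <= p->nfrags && len; i++) {
        const struct frag *f = i ? &p->frags[i - 1] : &p->head;
        if (off >= f->len) { off -= f->len; continue; }
        size_t n = f->len - off < len ? f->len - off : len;
        for (size_t k = 0; k < n; k++, pos++)
            sum += (pos & 1) ? f->data[off + k] : (uint64_t)f->data[off + k] << 8;
        len -= n; off = 0;
    }
    if (len)
        return -1;  /* fragments shorter than the declared total */
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    *out = (uint16_t)sum;
    return 0;
}

int main(void)
{
    uint16_t s;
    return linear_covers(&sample, 3, 8) || pkt_checksum(&sample, 3, 8, &s);
}
```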