Date: Tue, 28 Feb 2017 17:28:02 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: Linux: net/llc: avoid BUG_ON() in skb_orphan() (CVE-2017-6345) Hi CVE-2017-6345 was assigned by MITRE to the following (via https://cveform.mitre.org/): https://git.kernel.org/linus/8b74d439e1697110c5e5c600643e823eb1dd0762 > net/llc: avoid BUG_ON() in skb_orphan() > > It seems nobody used LLC since linux-3.12. > > Fortunately fuzzers like syzkaller still know how to run this code, > otherwise it would be no fun. > > Setting skb->sk without skb->destructor leads to all kinds of > bugs, we now prefer to be very strict about it. > > Ideally here we would use skb_set_owner() but this helper does not exist yet, > only CAN seems to have a private helper for that. The fix was backported to 4.9.13 as well. Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ