Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4801dfda authored by Dmitry Vyukov's avatar Dmitry Vyukov Committed by Alexander Grund
Browse files

UPSTREAM: netfilter: x_tables: fix pointer leaks to userspace 



Several netfilter matches and targets put kernel pointers into
info objects, but don't set usersize in descriptors.
This leads to kernel pointer leaks if a match/target is set
and then read back to userspace.

Properly set usersize for these matches/targets.

Found with manual code inspection.

Bug: 120612905
Fixes: ec2318904965 ("xtables: extend matches and targets with .usersize")
Signed-off-by: default avatarDmitry Vyukov <dvyukov@google.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarHridya Valsaraju <hridya@google.com>
(cherry picked from commit 1e98ffea5a8935ec040ab72299e349cb44b8defd)

Change-Id: I49071d0d767e692480760442c2fa567e462b4103
parent 7f985237
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment