Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 2338563c authored by Eric Dumazet's avatar Eric Dumazet Committed by Usaamah Patel
Browse files

CVE-2017-18017: netfilter: xt_TCPMSS: add more sanity tests on tcph->doff 



Denys provided an awesome KASAN report pointing to an use
after free in xt_TCPMSS

I have provided three patches to fix this issue, either in xt_TCPMSS or
in xt_tcpudp.c. It seems xt_TCPMSS patch has the smallest possible
impact.

Change-Id: Ia2a0983db2d48aaa918957507163c34e4fd6860e
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Reported-by: default avatarDenys Fedoryshchenko <nuclearcat@nuclearcat.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent fb446be9
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment