* Re: linux-2.6.7 Equalizer Load-balancer. eql.c. local non-privileged DoS
[not found] <20040618115153.3ad2dc32.vitalyvb@ukr.net>
@ 2004-06-18 11:35 ` Herbert Xu
2004-06-19 21:05 ` Jeff Garzik
0 siblings, 1 reply; 2+ messages in thread
From: Herbert Xu @ 2004-06-18 11:35 UTC (permalink / raw)
To: Vitaly V. Bursov; +Cc: linux-kernel, alan, davem, jgarzik, netdev
Vitaly V. Bursov <vitalyvb@ukr.net> wrote:
>
> there are multiple vulns in drivers/net/eql.c
>
> if there is no such device, dev_get_by_name returns NULL and everything dies.
> Exploiting this is trivial.
Thanks for the report. This patch should fix them.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
===== drivers/net/eql.c 1.13 vs edited =====
--- 1.13/drivers/net/eql.c 2004-06-05 01:50:36 +10:00
+++ edited/drivers/net/eql.c 2004-06-18 21:30:49 +10:00
@@ -497,6 +497,8 @@
slave_dev = dev_get_by_name(sc.slave_name);
ret = -EINVAL;
+ if (!slave_dev)
+ return ret;
spin_lock_bh(&eql->queue.lock);
if (eql_is_slave(slave_dev)) {
@@ -531,6 +533,8 @@
slave_dev = dev_get_by_name(sc.slave_name);
ret = -EINVAL;
+ if (!slave_dev)
+ return ret;
spin_lock_bh(&eql->queue.lock);
if (eql_is_slave(slave_dev)) {
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: linux-2.6.7 Equalizer Load-balancer. eql.c. local non-privileged DoS
2004-06-18 11:35 ` linux-2.6.7 Equalizer Load-balancer. eql.c. local non-privileged DoS Herbert Xu
@ 2004-06-19 21:05 ` Jeff Garzik
0 siblings, 0 replies; 2+ messages in thread
From: Jeff Garzik @ 2004-06-19 21:05 UTC (permalink / raw)
To: Herbert Xu; +Cc: Vitaly V. Bursov, linux-kernel, alan, davem, netdev
applied
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-06-19 21:05 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20040618115153.3ad2dc32.vitalyvb@ukr.net>
2004-06-18 11:35 ` linux-2.6.7 Equalizer Load-balancer. eql.c. local non-privileged DoS Herbert Xu
2004-06-19 21:05 ` Jeff Garzik
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).