nagai/kernel
3
0
Fork 0
forked from mirrors/linux
Code Pull requests Activity
kernel/net/ipv6
History
Ido Schimmel 7632fedb26 seg6: Fix validation of nexthop addresses 
The kernel currently validates that the length of the provided nexthop
address does not exceed the specified length. This can lead to the
kernel reading uninitialized memory if user space provided a shorter
length than the specified one.

Fix by validating that the provided length exactly matches the specified
one.

Fixes: d1df6fd8a1 ("ipv6: sr: define core operations for seg6local lightweight tunnel")
Reviewed-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Link: https://patch.msgid.link/20250604113252.371528-1-idosch@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-06-05 08:03:17 -07:00
..
ila net: Fix checksum update for ILA adj-transport 2025-05-30 19:53:51 -07:00
netfilter netfilter: nf_dup{4, 6}: Move duplication check to task_struct 2025-05-23 13:57:12 +02:00
addrconf.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-05-08 08:59:02 -07:00
addrconf_core.c ipv6: Ensure natural alignment of const ipv6 loopback and router addresses 2024-01-30 12:43:18 +01:00
addrlabel.c ipv6: Use nlmsg_payload in addrlabel file 2025-04-16 18:33:02 -07:00
af_inet6.c ovpn: implement TCP transport 2025-04-17 12:30:03 +02:00
ah6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
anycast.c netlink: add IPv6 anycast join/leave notifications 2025-01-09 12:54:45 +01:00
calipso.c netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets 2025-04-02 16:01:04 -07:00
datagram.c ipv6: annotate data-races around np->ucast_oif 2023-12-11 10:59:17 +00:00
esp6.c espintcp: remove encap socket caching to avoid reference leak 2025-04-14 11:59:17 +02:00
esp6_offload.c xfrm: Add an inbound percpu state cache. 2024-10-29 11:56:18 +01:00
exthdrs.c net: use sock_kmemdup for ip_options 2025-03-03 17:16:34 -08:00
exthdrs_core.c
exthdrs_offload.c net: gso: add HBH extension header offload support 2024-01-05 08:11:49 -08:00
fib6_notifier.c net: do not acquire rtnl in fib_seq_sum() 2024-10-11 15:35:05 -07:00
fib6_rules.c ipv6: fib_rules: Add DSCP mask matching 2025-02-21 16:08:48 -08:00
fou6.c
icmp.c inet: ping: avoid skb_clone() dance in ping_rcv() 2025-02-28 14:41:33 -08:00
inet6_connection_sock.c net: Unexport shared functions for DCCP. 2025-04-11 18:58:11 -07:00
inet6_hashtables.c inet: call inet6_ehashfn() once from inet6_hash_connect() 2025-03-06 15:26:02 -08:00
ioam6.c net: convert to nla_get_*_default() 2024-11-11 10:32:06 -08:00
ioam6_iptunnel.c net: ipv6: ioam6: fix double reallocation 2025-04-17 12:52:34 +02:00
ip6_checksum.c
ip6_fib.c ipv6: Narrow down RCU critical section in inet6_rtm_newroute(). 2025-05-20 19:18:24 -07:00
ip6_flowlabel.c treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
ip6_gre.c ipv6: Convert tunnel devices' ->exit_batch_rtnl() to ->exit_rtnl(). 2025-04-14 17:08:42 -07:00
ip6_icmp.c
ip6_input.c ipv6: Use RCU in ip6_input() 2025-02-06 16:14:15 -08:00
ip6_offload.c net: gro: initialize network_offset in network layer 2024-05-27 16:46:59 -07:00
ip6_offload.h
ip6_output.c net: devmem: Implement TX path 2025-05-13 11:12:48 +02:00
ip6_tunnel.c ipv6: Convert tunnel devices' ->exit_batch_rtnl() to ->exit_rtnl(). 2025-04-14 17:08:42 -07:00
ip6_udp_tunnel.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
ip6_vti.c ipv6: Convert tunnel devices' ->exit_batch_rtnl() to ->exit_rtnl(). 2025-04-14 17:08:42 -07:00
ip6mr.c mr: consolidate the ipmr_can_free_table() checks. 2025-05-16 17:53:48 -07:00
ipcomp6.c
ipv6_sockglue.c ipv6: avoid indirect calls for SOL_IP socket options 2024-08-26 14:53:50 -07:00
Kconfig net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL 2024-09-22 19:52:07 +01:00
Makefile
mcast.c ipv6: mcast: add RCU protection to mld_newpack() 2025-02-13 08:37:21 -08:00
mcast_snoop.c
mip6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
ndisc.c ndisc: ndisc_send_redirect() cleanup 2025-02-15 09:08:46 -08:00
netfilter.c netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it 2025-05-05 13:13:08 +02:00
output_core.c ipv6: annotate data-races around cnf.hop_limit 2024-03-01 08:42:31 +00:00
ping.c ipv6: initialize inet socket cookies with sockcm_init 2025-02-18 18:27:20 -08:00
proc.c minmax: add a few more MIN_T/MAX_T users 2024-07-28 13:41:14 -07:00
protocol.c
raw.c ipv6: initialize inet socket cookies with sockcm_init 2025-02-18 18:27:20 -08:00
reassembly.c inet: frags: save a pair of atomic operations in reassembly 2025-03-18 13:18:36 +01:00
route.c ipv6: Revert two per-cpu var allocation for RTM_NEWROUTE. 2025-05-20 19:18:24 -07:00
rpl.c
rpl_iptunnel.c net: ipv6: fix dst ref loop on input in rpl lwt 2025-02-27 14:18:22 +01:00
seg6.c ipv6: sr: restruct ifdefines 2024-05-30 18:29:38 -07:00
seg6_hmac.c ipv6: sr: Use nested-BH locking for hmac_storage 2025-05-15 15:23:31 +02:00
seg6_iptunnel.c net: ipv6: fix dst ref loop on input in seg6 lwt 2025-02-27 14:18:21 +01:00
seg6_local.c seg6: Fix validation of nexthop addresses 2025-06-05 08:03:17 -07:00
sit.c ipv6: Convert tunnel devices' ->exit_batch_rtnl() to ->exit_rtnl(). 2025-04-14 17:08:42 -07:00
syncookies.c tcp: use sk_skb_reason_drop to free rx packets 2024-06-19 12:44:22 +01:00
sysctl_net_ipv6.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
tcp_ao.c
tcp_ipv6.c ip: load balance tcp connections to single dst addr and port 2025-04-29 16:22:25 +02:00
tcpv6_offload.c net: use sock_gen_put() when sk_state is TCP_TIME_WAIT 2025-05-01 07:00:19 -07:00
tunnel6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
udp.c udp_tunnel: create a fastpath GRO lookup. 2025-04-08 18:19:41 -07:00
udp_impl.h
udp_offload.c udp_tunnel: create a fastpath GRO lookup. 2025-04-08 18:19:41 -07:00
udplite.c
xfrm6_input.c xfrm: Fix UDP GRO handling for some corner cases 2025-04-17 11:08:16 +02:00
xfrm6_output.c xfrm: Fix the usage of skb->sk 2025-01-20 07:06:53 +01:00
xfrm6_policy.c xfrm: respect ip protocols rules criteria when performing dst lookups 2024-09-23 07:02:07 +02:00
xfrm6_protocol.c
xfrm6_state.c
xfrm6_tunnel.c ipsec-next-2024-03-06 2024-03-08 10:56:05 +00:00