netfilter: xt_u32: validate user space input
mainline inclusion from mainline-v6.6-rc1 commit 69c5d284 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I85CAT CVE: CVE-2023-39192 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69c5d284f67089b4750d28ff6ac6f52ec224b330 -------------------------------- The xt_u32 module doesn't validate the fields in the xt_u32 structure. An attacker may take advantage of this to trigger an OOB read by setting the size fields with a value beyond the arrays boundaries. Add a checkentry function to validate the structure. This was originally reported by the ZDI project (ZDI-CAN-18408). Fixes: 1b50b8a3 ("[NETFILTER]: Add u32 match") Cc: stable@vger.kernel.org Signed-off-by:Wander Lairson Costa <wander@redhat.com> Signed-off-by:
Loading
Please sign in to comment