xfrm4: Fix uninitialized memory read in _decode_session4 (8742dc86) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 8742dc86 authored Feb 26, 2019 by

Steffen Klassert

xfrm4: Fix uninitialized memory read in _decode_session4

We currently don't reload pointers pointing into skb header
after doing pskb_may_pull() in _decode_session4(). So in case
pskb_may_pull() changed the pointers, we read from random
memory. Fix this by putting all the needed infos on the
stack, so that we don't need to access the header pointers
after doing pskb_may_pull().

Fixes: 1da177e4

 ("Linux-2.6.12-rc2")
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

parent 025c65e1

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit c3877029
· Aug 14, 2019

mentioned in commit c3877029

mentioned in commit c3877029d2374d70aa35961c596555f14b798f62

Toggle commit list

Please register or to comment