sctp: add vtag check in sctp_sf_violation (aa0f697e) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit aa0f697e authored Oct 20, 2021 by

Xin Long Committed by Jakub Kicinski Oct 22, 2021

sctp: add vtag check in sctp_sf_violation



sctp_sf_violation() is called when processing HEARTBEAT_ACK chunk
in cookie_wait state, and some other places are also using it.

The vtag in the chunk's sctphdr should be verified, otherwise, as
later in chunk length check, it may send abort with the existent
asoc's vtag, which can be exploited by one to cook a malicious
chunk to terminate a SCTP asoc.

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent a64b341b

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 14c1e02b
· Nov 06, 2021

mentioned in commit 14c1e02b

mentioned in commit 14c1e02b11c2233343573aff90766ef8472f27e7

Toggle commit list
mirror @mirror
mentioned in commit dd82b3a3
· Nov 06, 2021

mentioned in commit dd82b3a3

mentioned in commit dd82b3a345abf6fc325e748469d9d7f477a0b718

Toggle commit list
mirror @mirror
mentioned in commit 0aa322b5
· Nov 06, 2021

mentioned in commit 0aa322b5

mentioned in commit 0aa322b5fe70204d3d7f9d1d4cd265fdff2e5a1f

Toggle commit list

Please register or to comment