a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e2ee71b054
android_kernel_samsung_a7y1.../net
History
Torsten Hilbrich cdd14f25b1 vti6: Fix memory leak of skb if input policy check fails 
commit 2a9de3af21aa8c31cd68b0b39330d69f8c1e59df upstream.

The vti6_rcv function performs some tests on the retrieved tunnel
including checking the IP protocol, the XFRM input policy, the
source and destination address.

In all but one places the skb is released in the error case. When
the input policy check fails the network packet is leaked.

Using the same goto-label discard in this case to fix this problem.

Fixes: ed1efb2aefbb ("ipv6: Add support for IPsec virtual tunnel interfaces")
Signed-off-by: Torsten Hilbrich <torsten.hilbrich@secunet.com>
Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-07 14:24:31 +02:00
..
6lowpan 6lowpan: Off by one handling ->nexthdr 2020-04-07 13:41:33 +02:00
9p
802
8021q vlan: fix memory leak in vlan_dev_set_egress_priority 2020-04-07 13:29:16 +02:00
appletalk
atm
ax25
batman-adv batman-adv: Don't schedule OGM for disabled interface 2020-04-07 14:13:30 +02:00
bluetooth
bridge netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule 2020-04-07 13:41:52 +02:00
caif
can
ceph
core net: fib_rules: Correctly set table field when table number exceeds 8 bits 2020-04-07 14:04:28 +02:00
dcb
dccp dccp: Fix memleak in __feat_register_sp 2020-04-07 13:36:40 +02:00
decnet
dns_resolver
dsa net: dsa: Fix duplicate frames flooded by learning 2020-04-07 14:23:26 +02:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-04-07 13:25:04 +02:00
hsr hsr: set .netnsok flag 2020-04-07 14:23:42 +02:00
ieee802154 nl802154: add missing attribute validation for dev_type 2020-04-07 14:11:06 +02:00
ipv4 vti[6]: fix packet tx through bpf_redirect() in XinY cases 2020-04-07 14:24:23 +02:00
ipv6 vti6: Fix memory leak of skb if input policy check fails 2020-04-07 14:24:31 +02:00
ipx
irda
iucv net/af_iucv: always register net_device notifier 2020-04-07 13:42:16 +02:00
key
l2tp
l3mdev
lapb
llc llc: fix sk_buff refcounting in llc_conn_state_process() 2020-04-07 13:43:36 +02:00
mac80211 mac80211: mark station unauthorized before key removal 2020-04-07 14:24:18 +02:00
mac802154
mpls
mptcp
ncm
netfilter netfilter: cthelper: add missing attribute validation for cthelper 2020-04-07 14:11:51 +02:00
netlabel
netlink net: netlink: cap max groups which will be considered in netlink_bind() 2020-04-07 14:04:58 +02:00
netrom
nfc nfc: add missing attribute validation for vendor subcommand 2020-04-07 14:11:13 +02:00
openvswitch
packet packet: fix data-race in fanout_flow_is_huge() 2020-04-07 13:43:55 +02:00
phonet
rds net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' 2020-04-07 13:43:22 +02:00
rfkill rfkill: Fix incorrect check to avoid NULL pointer dereference 2020-04-07 13:28:52 +02:00
rose
rxrpc
sched net_sched: keep alloc_hash updated after hash allocation 2020-04-07 14:23:30 +02:00
sctp sctp: move the format error check out of __sctp_sf_do_9_1_abort 2020-04-07 14:04:36 +02:00
sunrpc sunrpc: expiry_time should be seconds not timeval 2020-04-07 13:50:16 +02:00
switchdev
tipc tipc: set sysctl_tipc_rmem and named_timeout right range 2020-04-07 13:41:27 +02:00
unix
vmw_vsock
wimax
wireless nl80211: add missing attribute validation for channel switch 2020-04-07 14:11:50 +02:00
x25 net/x25: fix nonblocking connect 2020-04-07 13:45:13 +02:00
xfrm xfrm: policy: Fix doulbe free in xfrm_policy_timer 2020-04-07 14:24:29 +02:00
compat.c
Kconfig
Makefile
socket.c compat_ioctl: handle SIOCOUTQNSD 2020-04-07 13:37:06 +02:00
sysctl_net.c