linux-next/dccp at 648f0c28df282636c0c8a7a19ca3ce5fc80a39c3 - linux-next - MyRedstone

Kernel/linux-next

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-11 16:29:05 +00:00

History

Eric Dumazet 648f0c28df net/dccp: fix use-after-free in dccp_invalid_packet

pskb_may_pull() can reallocate skb->head, we need to reload dh pointer
in dccp_invalid_packet() or risk use after free.

Bug found by Andrey Konovalov using syzkaller.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

2016-11-29 20:37:26 -05:00

..

dccp: re-enable debug macro

2014-02-16 23:45:00 -05:00

ackvec.c

dccp: drop null test before destroy functions

2015-09-15 16:49:43 -07:00

ackvec.h

net: dccp: Remove extern from function prototypes

2013-10-19 19:12:11 -04:00

ccid.c

dccp: drop null test before destroy functions

2015-09-15 16:49:43 -07:00

ccid.h

net: dccp: Remove extern from function prototypes

2013-10-19 19:12:11 -04:00

dccp.h

net: snmp: kill STATS_BH macros

2016-04-27 22:48:25 -04:00

diag.c

sock_diag: specify info_size per inet protocol

2015-06-15 19:49:22 -07:00

feat.c

dccp: kerneldoc warning fixes

2014-11-18 15:26:31 -05:00

feat.h

net: dccp: Remove extern from function prototypes

2013-10-19 19:12:11 -04:00

input.c

dccp: do not assume DCCP code is non preemptible

2016-05-02 17:02:25 -04:00

ipv4.c

net/dccp: fix use-after-free in dccp_invalid_packet

2016-11-29 20:37:26 -05:00

ipv6.c

ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped

2016-11-03 16:50:27 -04:00

ipv6.h

inet: includes a sock_common in request_sock

2013-10-10 00:08:07 -04:00

Kconfig

net/dccp: remove depends on CONFIG_EXPERIMENTAL

2013-01-11 11:39:34 -08:00

Makefile

dccp: Policy-based packet dequeueing infrastructure

2010-12-07 13:47:12 +01:00

minisocks.c

dccp: rename DCCP_INC_STATS_BH()

2016-04-27 22:48:22 -04:00

options.c

dccp: do not assume DCCP code is non preemptible

2016-05-02 17:02:25 -04:00

output.c

net: Generalise wq_has_sleeper helper

2015-11-30 14:47:33 -05:00

probe.c

Use 64-bit timekeeping

2015-11-01 17:01:16 -05:00

proto.c

dccp: do not send reset to already closed sockets

2016-11-03 16:16:51 -04:00

qpolicy.c

dccp qpolicy: Parameter checking of cmsg qpolicy parameters

2010-12-07 13:47:12 +01:00

sysctl.c

dccp: make the request_retries minimum is 1

2014-05-14 15:34:16 -04:00

timer.c

net: rename NET_{ADD|INC}_STATS_BH()

2016-04-27 22:48:24 -04:00