CVS commit: src/sys/net

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/net
From: "Martin Husemann" <martin%netbsd.org@localhost>
Date: Wed, 4 May 2022 14:30:04 +0000

Module Name:    src
Committed By:   martin
Date:           Wed May  4 14:30:04 UTC 2022

Modified Files:
        src/sys/net: if_pppoe.c

Log Message:
Do not allocate mbuf clusters when the caller (eroneously) asks
for more than MCLBYTES size, instead fail the allocation.

When we have received multiple PADO offer packets in the discovery
phase, do not combine tags from different packets. We are supposed
to pick one PADO packet and continue session establishment with that.

The second bug could cause code to trigger the first and create
invalid response packets and also overwrite data outside of
the allocated mbuf cluster.

Fixes CVE-2022-29867.


To generate a diff of this commit:
cvs rdiff -u -r1.178 -r1.179 src/sys/net/if_pppoe.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/usr.sbin/autofs
Next by Date: CVS commit: [netbsd-9] src/sys/net
Previous by Thread: CVS commit: src/usr.sbin/autofs
Next by Thread: CVS commit: [netbsd-9] src/sys/net
Indexes:

Home | Main Index | Thread Index | Old Index