cvs commit: src/sys/compat/linux linux_socket.c
David Schultz
das at FreeBSD.org
Wed Mar 23 00:28:03 PST 2005
das 2005-03-23 08:28:00 UTC
FreeBSD src repository
Modified files:
sys/compat/linux linux_socket.c
Log:
Reject packets larger than IP_MAXPACKET in linux_sendto() for sockets
with the IP_HDRINCL option set. Without this change, a Linux process
with access to a raw socket could cause a kernel panic. Raw sockets
must be created by root, and are generally not consigned to untrusted
applications; hence, the security implications of this bug are
minimal. I believe this only affects 6-CURRENT on or after 2005-01-30.
Found by: Coverity Prevent analysis tool
Security: Local DOS
Revision Changes Path
1.58 +3 -2 src/sys/compat/linux/linux_socket.c
More information about the cvs-src
mailing list