Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20170228162309.e22hyhgw4id7dgdn@eldamar.local>
Date: Tue, 28 Feb 2017 17:23:09 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: Linux: ip: fix IP_CHECKSUM handling (CVE-2017-6347)

Hi

CVE-2017-6347 was assigned by MITRE to the following (via
https://cveform.mitre.org/):

https://git.kernel.org/linus/ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32

> ip: fix IP_CHECKSUM handling
> 
> The skbs processed by ip_cmsg_recv() are not guaranteed to
> be linear e.g. when sending UDP packets over loopback with
> MSGMORE.
> Using csum_partial() on [potentially] the whole skb len
> is dangerous; instead be on the safe side and use skb_checksum().
> 
> Thanks to syzkaller team to detect the issue and provide the
> reproducer.

The issue was introduced in 4.0 by commit ad6f939ab193. The fix as
well backported to 4.9.13.

Regards,
Salvatore

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.