CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280)
This commit is contained in:
parent
6994f1662a
commit
0a005ac427
10
kernel.spec
10
kernel.spec
|
@ -787,6 +787,10 @@ Patch25052: net-xen-netback-disable-rogue-vif-in-kthread-context.patch
|
|||
#will go upstream for 3.15, and will be backported to stable releases
|
||||
Patch25053: input-cypress_ps2-Don-t-report-the-cypress-PS-2-trac.patch
|
||||
|
||||
#CVE-2014-2678 rhbz 1083274 1083280
|
||||
Patch25054: rds-prevent-dereference-of-a-NULL-device-in-rds_iw_laddr_check.patch
|
||||
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
|
@ -1519,6 +1523,9 @@ ApplyPatch net-xen-netback-disable-rogue-vif-in-kthread-context.patch
|
|||
#https://bugs.freedesktop.org/show_bug.cgi?id=76341
|
||||
ApplyPatch input-cypress_ps2-Don-t-report-the-cypress-PS-2-trac.patch
|
||||
|
||||
#CVE-2014-2678 rhbz 1083274 1083280
|
||||
ApplyPatch rds-prevent-dereference-of-a-NULL-device-in-rds_iw_laddr_check.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
@ -2331,6 +2338,9 @@ fi
|
|||
# and build.
|
||||
|
||||
%changelog
|
||||
* Tue Apr 01 2014 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280)
|
||||
|
||||
* Mon Mar 31 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.8-100
|
||||
- Linux v3.13.8
|
||||
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
Bugzilla: 1083280
|
||||
Upstream-status: Queued for 3.15
|
||||
|
||||
From bf39b4247b8799935ea91d90db250ab608a58e50 Mon Sep 17 00:00:00 2001
|
||||
From: Sasha Levin <sasha.levin@oracle.com>
|
||||
Date: Sat, 29 Mar 2014 20:39:35 -0400
|
||||
Subject: rds: prevent dereference of a NULL device in rds_iw_laddr_check
|
||||
|
||||
Binding might result in a NULL device which is later dereferenced
|
||||
without checking.
|
||||
|
||||
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
|
||||
diff --git a/net/rds/iw.c b/net/rds/iw.c
|
||||
index 7826d46..5899356 100644
|
||||
--- a/net/rds/iw.c
|
||||
+++ b/net/rds/iw.c
|
||||
@@ -239,7 +239,8 @@ static int rds_iw_laddr_check(__be32 addr)
|
||||
ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
|
||||
/* due to this, we will claim to support IB devices unless we
|
||||
check node_type. */
|
||||
- if (ret || cm_id->device->node_type != RDMA_NODE_RNIC)
|
||||
+ if (ret || !cm_id->device ||
|
||||
+ cm_id->device->node_type != RDMA_NODE_RNIC)
|
||||
ret = -EADDRNOTAVAIL;
|
||||
|
||||
rdsdebug("addr %pI4 ret %d node type %d\n",
|
||||
--
|
||||
cgit v0.10.1
|
||||
|
Loading…
Reference in New Issue