Please sign in to comment.
x25: Validate incoming call user data lengths
commit c7fd0d4 upstream. X.25 call user data is being copied in its entirety from incoming messages without consideration to the size of the destination buffers, leading to possible buffer overflows. Validate incoming call user data lengths before these copies are performed. It appears this issue was noticed some time ago, however nothing seemed to come of it: see http://www.spinics.net/lists/linux-x25/msg00043.html and commit 8db09f2. Signed-off-by: Matthew Daley <firstname.lastname@example.org> Acked-by: Eric Dumazet <email@example.com> Tested-by: Andrew Hendry <firstname.lastname@example.org> Signed-off-by: David S. Miller <email@example.com> Signed-off-by: Jiri Slaby <firstname.lastname@example.org> Signed-off-by: Greg Kroah-Hartman <email@example.com>
- Loading branch information...
Showing with 9 additions and 0 deletions.