Thanks to visit codestin.com
Credit goes to github.com

Skip to content

cve-2023-0179 #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 17, 2023
Merged

cve-2023-0179 #215

merged 1 commit into from
Jan 17, 2023

Conversation

13r0ck
Copy link

@13r0ck 13r0ck commented Jan 17, 2023

@ummakynes @13r0ck
netfilter: nft_payload: incorrect arithmetics when fetching VLAN head…
e15d5b5 
…er bits

If the offset + length goes over the ethernet + vlan header, then the
length is adjusted to copy the bytes that are within the boundaries of
the vlan_ethhdr scratchpad area. The remaining bytes beyond ethernet +
vlan header are copied directly from the skbuff data area.

Fix incorrect arithmetic operator: subtract, not add, the size of the
vlan header in case of double-tagged packets to adjust the length
accordingly to address CVE-2023-0179.

Reported-by: Davide Ornaghi <[email protected]>
Fixes: f6ae9f1 ("netfilter: nft_payload: add C-VLAN support")
Signed-off-by: Pablo Neira Ayuso <[email protected]>
@13r0ck 13r0ck requested review from a team January 17, 2023 14:42
@13r0ck 13r0ck mentioned this pull request Jan 17, 2023
Closed
1 task
@13r0ck 13r0ck merged commit e15d5b5 into master Jan 17, 2023
@13r0ck 13r0ck deleted the cve-2023-0179 branch January 17, 2023 14:51
This was referenced Jan 17, 2023
Closed
Merged
@n3m0-22
Copy link

n3m0-22 commented Jan 17, 2023

Testing (not including 150 suspend/resume running now) has passed on lemp11,gaze15,Dev One.

testing- lemp11.txt
testing-gaze15.txt
testing-dev_one.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jackpot51 jackpot51 jackpot51 approved these changes

+1 more reviewer

@n3m0-22 n3m0-22 n3m0-22 approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@13r0ck @n3m0-22 @jackpot51 @ummakynes