netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length
Julia Lawall pointed out that IPSET_ATTR_ETHER netlink attribute length was not checked explicitly, just for the maximum possible size. Malicious netlink clients could send shorter attribute and thus resulting a kernel read after the buffer. The patch adds the explicit length checkings. Reported-by: NJulia Lawall <julia.lawall@lip6.fr> Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Showing
想要评论请 注册 或 登录