Commit b5777b04 authored by Dann Frazier's avatar Dann Frazier

* bugfix/nfnetlink_log-null-deref.patch

  [SECURITY] Fix remotely exploitable NULL pointer dereference in
  nfulnl_recv_config()
  See CVE-2007-1496

svn path=/dists/etch-security/linux-2.6/; revision=8529
parent b7e9b9b4
linux-2.6 (2.6.18.dfsg.1-12etch2) UNRELEASED; urgency=high
* bugfix/nfnetlink_log-null-deref.patch
[SECURITY] Fix remotely exploitable NULL pointer dereference in
nfulnl_recv_config()
See CVE-2007-1496
-- dann frazier <dannf@debian.org> Mon, 30 Apr 2007 17:20:14 -0600
linux-2.6 (2.6.18.dfsg.1-12etch1) stable-security; urgency=high
* bugfix/core-dump-unreadable-PT_INTERP.patch
......
From: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Date: Sun, 4 Mar 2007 23:59:20 +0000 (-0800)
Subject: [NETFILTER]: nfnetlink_log: fix possible NULL pointer dereference
X-Git-Tag: v2.6.21~469^2~10
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=dd16704eba171b32ef0cded3a4f562b33b911066
[NETFILTER]: nfnetlink_log: fix possible NULL pointer dereference
Eliminate possible NULL pointer dereference in nfulnl_recv_config().
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 1b94051..b669db5 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -858,6 +858,9 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
ret = -EINVAL;
break;
}
+
+ if (!inst)
+ goto out;
} else {
if (!inst) {
UDEBUG("no config command, and no instance for "
@@ -911,6 +914,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
out_put:
instance_put(inst);
+out:
return ret;
}
+ bugfix/nfnetlink_log-null-deref.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment