CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	Vincenzo Maffione <vmaffione@FreeBSD.org>
	Wed, 16 Mar 2022 06:58:50 +0000 (06:58 +0000)
committer	Vincenzo Maffione <vmaffione@FreeBSD.org>
	Wed, 16 Mar 2022 06:58:50 +0000 (06:58 +0000)
commit	393729916564ed13f966e09129a24e6931898d12
tree	3955c12d3dc1b3fc9b5c74b96568b84bf02c675e	tree \| snapshot
parent	694ea59c7021c25417e6d516362d2f59b4e2c343	commit \| diff

netmap: Fix TOCTOU vulnerability in nmreq_copyin

The total size of the user-provided nmreq was first computed and then
trusted during the copyin. This might lead to kernel memory corruption
and escape from jails/containers.

Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Security: CVE-2022-23084
MFC after: 3 days

sys/dev/netmap/netmap.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom