diff options
author | Vladis Dronov <vdronov@redhat.com> | 2017-09-13 00:21:21 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-10-05 09:35:52 +0200 |
commit | 65e3664fc6087d2941e940e38beb39920e9ae032 (patch) | |
tree | 3502b9ccd3bd565ed84fd0b904ad858c765875db /block | |
parent | 9f119f5cc0480e7d1eaa4e16ecbcddcdd5e8db6f (diff) | |
download | linux-stable-65e3664fc6087d2941e940e38beb39920e9ae032.tar.gz linux-stable-65e3664fc6087d2941e940e38beb39920e9ae032.tar.bz2 linux-stable-65e3664fc6087d2941e940e38beb39920e9ae032.zip |
nl80211: check for the required netlink attributes presence
commit e785fa0a164aa11001cba931367c7f94ffaff888 upstream.
nl80211_set_rekey_data() does not check if the required attributes
NL80211_REKEY_DATA_{REPLAY_CTR,KEK,KCK} are present when processing
NL80211_CMD_SET_REKEY_OFFLOAD request. This request can be issued by
users with CAP_NET_ADMIN privilege and may result in NULL dereference
and a system crash. Add a check for the required attributes presence.
This patch is based on the patch by bo Zhang.
This fixes CVE-2017-12153.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1491046
Fixes: e5497d766ad ("cfg80211/nl80211: support GTK rekey offload")
Reported-by: bo Zhang <zhangbo5891001@gmail.com>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'block')
0 files changed, 0 insertions, 0 deletions