Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
kernel-fxtec-pro1x/net
History
Chuck Lever 0ebb986361 SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() 
commit 89a3c9f5b9f0bcaa9aea3e8b2a616fcaea9aad78 upstream.

@subbuf is an output parameter of xdr_buf_subsegment(). A survey of
call sites shows that @subbuf is always uninitialized before
xdr_buf_segment() is invoked by callers.

There are some execution paths through xdr_buf_subsegment() that do
not set all of the fields in @subbuf, leaving some pointer fields
containing garbage addresses. Subsequent processing of that buffer
then results in a page fault.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-06-30 23:17:18 -04:00
..
6lowpan 6lowpan: Off by one handling ->nexthdr 2020-01-27 14:50:41 +01:00
9p 9p: Transport error uninitialized 2019-10-11 18:21:12 +02:00
802
8021q vlan: vlan_changelink() should propagate errors 2020-01-12 12:17:28 +01:00
appletalk appletalk: Set error code if register_snap_client failed 2019-12-13 08:52:59 +01:00
atm net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
ax25 ax25: fix setsockopt(SO_BINDTODEVICE) 2020-06-03 08:19:02 +02:00
batman-adv batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" 2020-06-22 09:05:12 +02:00
bluetooth Bluetooth: Add SCO fallback for invalid LMP parameters error 2020-06-22 09:05:11 +02:00
bpf bpf/test_run: support cgroup local storage 2018-08-03 00:47:32 +02:00
bpfilter signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig 2020-01-27 14:50:51 +01:00
bridge net: bridge: enfore alignment for ethernet address 2020-06-30 23:17:03 -04:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
can can: gw: Fix error path of cgw_module_init 2019-08-29 08:28:30 +02:00
ceph libceph: ignore pool overlay and cache logic on redirects 2020-06-03 08:19:39 +02:00
core net: Do not clear the sock TX queue in sk_set_socket() 2020-06-30 23:17:06 -04:00
dcb net: dcb: Add priority-to-DSCP map getters 2018-07-27 13:17:50 -07:00
dccp net: ipv6: add net argument to ip6_dst_lookup_flow 2020-04-29 16:31:16 +02:00
decnet net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:13:37 +01:00
dns_resolver KEYS: Don't write out to userspace while holding key semaphore 2020-04-23 10:30:24 +02:00
dsa net: dsa: mt7530: fix roaming from DSA user ports 2020-06-03 08:19:03 +02:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:19:09 +01:00
hsr hsr: check protocol version in hsr_newlink() 2020-04-21 09:03:03 +02:00
ieee802154 nl802154: add missing attribute validation for dev_type 2020-03-18 07:14:15 +01:00
ife
ipv4 net: Fix the arp error in some cases 2020-06-30 23:17:06 -04:00
ipv6 ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() 2020-06-30 23:17:05 -04:00
iucv net/af_iucv: always register net_device notifier 2020-01-27 14:50:56 +01:00
kcm kcm: switch order of device registration to fix a crash 2019-04-17 08:38:40 +02:00
key af_key: fix leaks in key_pol_get_resp and dump_sp. 2019-07-26 09:14:01 +02:00
l2tp l2tp: do not use inet_hash()/inet_unhash() 2020-06-10 21:34:58 +02:00
l3mdev
lapb lapb: fixed leak of control-blocks. 2019-06-22 08:15:13 +02:00
llc llc: fix sk_buff refcounting in llc_conn_state_process() 2020-01-27 14:51:17 +01:00
mac80211 mac80211: mesh: fix discovery timer re-arming issue / crash 2020-06-03 08:19:43 +02:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-08-06 11:21:37 +02:00
mpls net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup 2020-04-29 16:31:17 +02:00
ncsi net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler 2018-08-22 21:39:08 -07:00
netfilter netfilter: ipset: fix unaligned atomic access 2020-06-30 23:17:12 -04:00
netlabel netlabel: cope with NULL catmap 2020-05-20 08:18:35 +02:00
netlink netlink: Use netlink header as base to calculate bad attribute offset 2020-03-18 07:14:12 +01:00
netrom net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node 2020-04-29 16:31:21 +02:00
nfc nfc: add missing attribute validation for vendor subcommand 2020-03-18 07:14:17 +01:00
nsh nsh: set mac len based on inner packet 2018-07-12 16:55:29 -07:00
openvswitch openvswitch: support asymmetric conntrack 2019-12-21 10:57:14 +01:00
packet net/packet: tpacket_rcv: avoid a producer race condition 2020-04-02 15:28:11 +02:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
psample net: psample: fix skb_over_panic 2019-12-05 09:21:30 +01:00
qrtr net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() 2020-06-03 08:19:12 +02:00
rds net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' 2020-01-27 14:51:13 +01:00
rfkill rfkill: Fix incorrect check to avoid NULL pointer dereference 2020-01-12 12:17:17 +01:00
rose net/rose: fix unbound loop in rose_loopback_timer() 2019-05-02 09:59:00 +02:00
rxrpc rxrpc: Fix handling of rwind from an ACK packet 2020-06-30 23:17:11 -04:00
sched sch_cake: don't call diffserv parsing code when it is not needed 2020-06-30 23:17:06 -04:00
sctp sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket 2020-06-30 23:17:05 -04:00
smc net/smc: cancel event worker during device removal 2020-03-18 07:14:25 +01:00
strparser net: strparser: partially revert "strparser: Call skb_unclone conditionally" 2019-05-16 19:41:27 +02:00
sunrpc SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() 2020-06-30 23:17:18 -04:00
switchdev
tipc tipc: fix partial topology connection closure 2020-05-14 07:57:18 +02:00
tls net/tls: Fix to avoid gettig invalid tls record 2020-03-05 16:42:17 +01:00
unix af_unix: add compat_ioctl support 2020-01-17 19:47:07 +01:00
vmw_vsock vsock: fix timeout in vsock_accept() 2020-06-10 21:34:59 +02:00
wimax wimax: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
wireless nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type 2020-04-02 15:28:17 +02:00
x25 net/x25: Fix x25_neigh refcnt leak when receiving frame 2020-04-29 16:31:21 +02:00
xdp xdp: Fix xsk_generic_xmit errno 2020-06-25 15:33:05 +02:00
xfrm xfrm: Fix double ESP trailer insertion in IPsec crypto offload. 2020-06-30 23:17:10 -04:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-09 17:38:33 +01:00
Kconfig net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
Makefile bpfilter: check compiler capability in Kconfig 2018-06-28 13:36:39 +09:00
socket.c compat_ioctl: handle SIOCOUTQNSD 2020-01-17 19:47:07 +01:00
sysctl_net.c