linux/net/netfilter
Patrick McHardy dd7271feba [NETFILTER]: SCTP conntrack: fix crash triggered by packet without chunks
When a packet without any chunks is received, the newconntrack variable
in sctp_packet contains an out of bounds value that is used to look up an
pointer from the array of timeouts, which is then dereferenced, resulting
in a crash. Make sure at least a single chunk is present.

Problem noticed by George A. Theall <theall@tenablesecurity.com>

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-30 14:12:01 -07:00
..
core.c [NETFILTER]: Introduce infrastructure for address family specific operations 2006-04-09 22:25:40 -07:00
Kconfig [NETFILTER]: statistic match: add missing Kconfig help text 2006-06-29 16:57:50 -07:00
Makefile [SECMARK]: Add CONNSECMARK xtables target 2006-06-17 21:30:03 -07:00
nf_conntrack_core.c [SECMARK]: Add secmark support to conntrack 2006-06-17 21:30:01 -07:00
nf_conntrack_ftp.c [NETFILTER]: FTP helper: search optimization 2006-06-17 21:29:07 -07:00
nf_conntrack_l3proto_generic.c [NETFILTER]: nf_conntrack: Fix module refcount dropping too far 2006-04-24 17:27:28 -07:00
nf_conntrack_netlink.c [NETFILTER]: nf_conntrack: Fix undefined references to local_bh_* 2006-06-29 16:57:42 -07:00
nf_conntrack_proto_generic.c [NETFILTER]: Fix timeout sysctls on big-endian 64bit architectures 2006-01-10 12:54:35 -08:00
nf_conntrack_proto_sctp.c [NETFILTER]: SCTP conntrack: fix crash triggered by packet without chunks 2006-06-30 14:12:01 -07:00
nf_conntrack_proto_tcp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00
nf_conntrack_proto_udp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00
nf_conntrack_standalone.c [SECMARK]: Add secmark support to conntrack 2006-06-17 21:30:01 -07:00
nf_internals.h
nf_log.c
nf_queue.c [NETFILTER]: Introduce infrastructure for address family specific operations 2006-04-09 22:25:40 -07:00
nf_sockopt.c [NET]: Identation & other cleanups related to compat_[gs]etsockopt cset 2006-03-20 22:48:35 -08:00
nfnetlink_log.c [NETFILTER]: nfnetlink_log: fix byteorder confusion 2006-05-19 02:17:18 -07:00
nfnetlink_queue.c [NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears 2006-06-29 16:57:48 -07:00
nfnetlink.c [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
x_tables.c [NETFILTER]: x_tables: don't use __copy_{from,to}_user on unchecked memory in compat layer 2006-05-03 23:20:27 -07:00
xt_CLASSIFY.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_comment.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_connbytes.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_connmark.c [NETFILTER]: x_tables: remove some unnecessary casts 2006-06-17 21:28:45 -07:00
xt_CONNMARK.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_CONNSECMARK.c [SECMARK]: Add CONNSECMARK xtables target 2006-06-17 21:30:03 -07:00
xt_conntrack.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_dccp.c [NETFILTER]: x_tables: remove some unnecessary casts 2006-06-17 21:28:45 -07:00
xt_esp.c [NETFILTER]: x_tables: unify IPv4/IPv6 esp match 2006-04-01 02:22:30 -08:00
xt_helper.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_length.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_limit.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_mac.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_mark.c [NETFILTER]: x_tables: remove some unnecessary casts 2006-06-17 21:28:45 -07:00
xt_MARK.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_multiport.c [NETFILTER]: x_tables: add SCTP/DCCP support where missing 2006-06-17 21:28:47 -07:00
xt_NFQUEUE.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_NOTRACK.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_physdev.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_pkttype.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_policy.c [IPSEC]: Kill unused decap state structure 2006-04-01 00:54:16 -08:00
xt_quota.c [NETFILTER]: x_tables: add quota match 2006-06-17 21:28:49 -07:00
xt_realm.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_sctp.c [NETFILTER]: xt_sctp: fix --chunk-types matching 2006-06-29 16:57:46 -07:00
xt_SECMARK.c [SECMARK]: Add xtables SECMARK target 2006-06-17 21:29:59 -07:00
xt_state.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_statistic.c [NETFILTER]: x_tables: add statistic match 2006-06-17 21:28:51 -07:00
xt_string.c [NETFILTER]: x_tables: remove some unnecessary casts 2006-06-17 21:28:45 -07:00
xt_tcpmss.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
xt_tcpudp.c [NETFILTER]: xt_tcpudp: fix double unregistration in error path 2006-06-29 16:57:44 -07:00