linux/include/net/sctp
Sridhar Samudrala c164a9ba0a Fix sctp privilege elevation (CVE-2006-3745)
sctp_make_abort_user() now takes the msg_len along with the msg
so that we don't have to recalculate the bytes in iovec.
It also uses memcpy_fromiovec() so that we don't go beyond the
length allocated.

It is good to have this fix even if verify_iovec() is fixed to
return error on overflow.

Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-22 12:52:23 -07:00
..
command.h [SCTP]: Set sk_err so that poll wakes up after a non-blocking connect failure. 2006-05-19 10:58:12 -07:00
constants.h [TCP]: Move the tcp sock states to net/tcp_states.h 2005-08-29 15:41:54 -07:00
sctp.h Fix sctp privilege elevation (CVE-2006-3745) 2006-08-22 12:52:23 -07:00
sm.h Fix sctp privilege elevation (CVE-2006-3745) 2006-08-22 12:52:23 -07:00
structs.h [SCTP]: ADDIP: Don't use an address as source until it is ASCONF-ACKed 2006-07-21 14:49:25 -07:00
tsnmap.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ulpevent.h [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
ulpqueue.h [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
user.h [SCTP]: Verify all the paths to a peer via heartbeat before using them. 2006-07-21 14:48:50 -07:00