Files
kernel/include/net
Steffen Klassert 9afe83f62a esp: Fix possible buffer overflow in ESP transformation
[ Upstream commit ebe48d368e97d007bfeb76fcb065d6cfc4c96645 ]

The maximum message size that can be send is bigger than
the  maximum site that skb_page_frag_refill can allocate.
So it is possible to write beyond the allocated buffer.

Fix this by doing a fallback to COW in that case.

v2:

Avoid get get_order() costs as suggested by Linus Torvalds.

Fixes: cac2661c53 ("esp4: Avoid skb_cow_data whenever possible")
Fixes: 03e2a30f6a ("esp6: Avoid skb_cow_data whenever possible")
Reported-by: valis <sec@valis.email>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-03-16 14:26:42 +01:00
..
2021-11-04 21:04:25 +09:00
2021-07-01 13:19:48 -07:00
2021-06-11 13:32:46 -07:00
2021-11-01 13:36:09 +00:00
2021-10-13 09:40:45 -07:00
2021-10-13 09:40:46 -07:00
2021-10-13 09:40:46 -07:00
2021-07-29 12:18:11 +01:00
2020-05-05 13:23:29 -07:00
2019-12-09 10:36:44 -08:00
2020-06-22 21:12:44 -07:00
2021-10-15 11:33:08 +01:00
2021-07-27 20:11:44 +01:00
2021-10-13 09:40:46 -07:00
2021-07-27 13:05:56 +01:00
2019-12-09 10:36:44 -08:00
2020-03-04 13:25:55 -08:00
2021-10-19 12:24:51 +01:00
2021-05-17 15:29:35 -07:00
2021-10-13 09:40:45 -07:00
2021-08-04 10:01:26 +01:00
2019-10-05 16:29:00 -07:00
2021-08-03 13:05:26 +01:00
2020-06-18 20:46:23 -07:00
2019-12-09 10:28:43 -08:00
2021-09-28 00:18:35 +02:00