[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#732689: [stable] netfilter: ipset: Check and reject crazy /0 input parameters

On Tue, 24 Dec 2013, Ben Hutchings wrote:

> This fix went into Linux 3.7:
> 
> commit b9fed748185a96b7cfe74afac4bd228e8af16f01
> Author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
> Date:   Tue Sep 4 17:45:59 2012 +0200
> 
>     netfilter: ipset: Check and reject crazy /0 input parameters
>     
>     bitmap:ip and bitmap:ip,mac type did not reject such a crazy range
>     when created and using such a set results in a kernel crash.
>     The hash types just silently ignored such parameters.
>     
>     Reject invalid /0 input parameters explicitely.
>     
>     Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
> 
> Should it also go into stable 3.x.y updates?  I checked that it applies
> and builds cleanly on top of 3.2.53.

Yes, it should go into the stable updates too.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary
Reply to: