cvs commit: src/sys/net if.c

Pawel Jakub Dawidek pjd at FreeBSD.org
Mon Feb 14 13:08:31 GMT 2005


On Mon, Feb 14, 2005 at 10:33:31AM +0100, Simon L. Nielsen wrote:
+> On 2005.02.14 10:26:48 +0300, Gleb Smirnoff wrote:
+> > On Mon, Feb 14, 2005 at 05:42:06AM +0000, Xin LI wrote:
+> > X> delphij     2005-02-14 05:42:06 UTC
+> > X> 
+> > X>   FreeBSD src repository
+> > X> 
+> > X>   Modified files:        (Branch: RELENG_5)
+> > X>     sys/net              if.c 
+> > X>   Log:
+> > X>   MFC 1.218+1.219:
+> > X>   
+> > X>   Validate ifc->ifc_len before submitting its incarnation to sbuf_new,
+> > X>   which will finally lead to kernel panic.
+> > X>   
+> > X>   Security:       This prevents a local DoS that can be exploited by
+> > X>   Security:       both privileged and unprivileged users.
+> > X>   Submitted by:   Wojciech A. Koszek [dunstan at freebsd czest pl]
+> > X>   PR:             77421
+> > X>   
+> > X>   Early MFC discussed with and reviewed by:
+> > X>                   security (simon, trhodes)
+> > 
+> > Is it going to be put into RELENG_5_3?
+> 
+> Since we don't issue security advisories for local DoS'es I don't
+> think so, but it's not my call.

It definitely should go into RELENG_5_3, but as an errata.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20050214/d1314512/attachment.bin


More information about the cvs-src mailing list