Skip to content
Snippets Groups Projects
Commit b7a7f2b9 authored by Phil Blundell's avatar Phil Blundell Committed by Greg Kroah-Hartman
Browse files

econet: fix CVE-2010-3848 


commit a27e13d3 upstream.

Don't declare variable sized array of iovecs on the stack since this
could cause stack overflow if msg->msgiovlen is large.  Instead, coalesce
the user-supplied data into a new buffer and use a single iovec for it.

Signed-off-by: default avatarPhil Blundell <philb@gnu.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
[Adjusted to apply to 2.6.32 by dann frazier <dannf@debian.org>]
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 8200a2e1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 31 additions and 31 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent