path: root/active/CVE-2020-10711
blob: 5006f45e27db82f6850b0d628104af0d8eba01b0
Description: NetLabel: null pointer dereference while receiving CIPSO packet with null category
References:
 https://www.openwall.com/lists/oss-security/2020/05/12/2
 https://lore.kernel.org/netdev/07d99ae197bfdb2964931201db67b6cd0b38db5b.1589276729.git.pabeni@redhat.com/
Notes:
 carnil> Introduced in 4b8feff251da ("netlabel: fix the horribly broken
 carnil> catmap functions") in 3.17-rc1 and ceba1832b1b2 ("calipso: Set
 carnil> the calipso socket label to match the secattr.") in 4.8.
 carnil> Furthermore, we enabled CONFIG_NETLABEL only starting in 5.6.7-1.
Bugs:
upstream: released (5.7-rc6) [eead1c2ea2509fd754c6da893a94f0e69e83ebe4]
4.19-upstream-stable: released (4.19.124) [caf6c20c6421ca687751d27b96c8021c655e56e6]
4.9-upstream-stable: released (4.9.224) [9232577ef3e10775eefe7f2689cbf851c8b13d80]
3.16-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.6.14-1)
4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/netlabel-cope-with-NULL-catmap.patch]
4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/netlabel-cope-with-NULL-catmap.patch]
3.16-jessie-security: N/A "Vulnerability introduced later"
