From 49453fa0b26b0c5dfc6ea2c224c7d21d992579cf Mon Sep 17 00:00:00 2001 From: Michal Kubecek Date: Jan 31 2022 16:08:51 +0000 Subject: Merge branch 'users/dkirjanov/cve/linux-5.3/bsc1195254' into SLE15-SP2-LTSS_EMBARGO Pull a networking security fix from Denis Kirjanov. --- diff --git a/patches.suse/net-tipc-validate-domain-record-count-on-input.patch b/patches.suse/net-tipc-validate-domain-record-count-on-input.patch new file mode 100644 index 0000000..9a37561 --- /dev/null +++ b/patches.suse/net-tipc-validate-domain-record-count-on-input.patch @@ -0,0 +1,28 @@ +From 170d40fe8a20eafd725b0ce3a5685e0c4b758cbf Mon Sep 17 00:00:00 2001 +From: Denis Kirjanov +Date: Fri, 28 Jan 2022 19:43:28 +0300 +Subject: [PATCH] net: tipc: validate domain record count on input +Patch-mainline: Not yet, will be submitted upstream` +References: bsc#1195254 + +Signed-off-by: Denis Kirjanov +--- + net/tipc/monitor.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c +index 254ddc2c3914..99fcb42d0af2 100644 +--- a/net/tipc/monitor.c ++++ b/net/tipc/monitor.c +@@ -463,6 +463,8 @@ void tipc_mon_rcv(struct net *net, void + return; + if ((dlen < new_dlen) || ntohs(arrv_dom->len) != new_dlen) + return; ++ if (new_member_cnt >= MAX_MON_DOMAIN) ++ return; + + /* Synch generation numbers with peer if link just came up */ + if (!state->synched) { +-- +2.16.4 + diff --git a/series.conf b/series.conf index db6d8b4..48aa805 100644 --- a/series.conf +++ b/series.conf @@ -22881,6 +22881,7 @@ patches.suse/SUNRPC-xprt-async-tasks-mustn-t-block-waiting-for-me.patch patches.suse/media-Revert-media-uvcvideo-Set-unique-vdev-name-bas.patch patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch + patches.suse/net-tipc-validate-domain-record-count-on-input.patch ######################################################## # kbuild/module infrastructure fixes