dhcp6: make sure we have enough space for the DHCP6 option header

Fixes a vulnerability originally discovered by Felix Wilhelm from
Google.

CVE-2018-15688
LP: #1795921
https://bugzilla.redhat.com/show_bug.cgi?id=1639067

(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
(cherry picked from commit 01ca2053bb)
(cherry picked from commit fc230dca13)
(cherry picked from commit cc1e5a7f57)
(cherry picked from commit c3221cb0c5)
(cherry picked from commit f4f7655341)
(cherry picked from commit 2a25872910)
(cherry picked from commit ec471872e4)
Lennart Poettering 2018-10-19 12:12:33 +02:00 committed by Thomas Haller
parent 694cdacfc6
commit 6e56de0d87

@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
return -EINVAL;
}
if (*buflen < len)
if (*buflen < offsetof(DHCP6Option, data) + len)
return -ENOBUFS;
ia_hdr = *buf;
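
Review bot: The corrected bound `if (*buflen < offsetof(DHCP6Option, data) + len)` carries no comment and no accompanying test, so nothing in `dhcp6_option_append_ia()` records that the buffer must hold the option header as well as the `len` bytes of payload. A short comment above the check would help. So would a regression test that passes a buffer large enough for the IA payload but too small for header plus payload and expects `-ENOBUFS`. The lines after `ia_hdr = *buf;` are not shown in this hunk, so it is also worth confirming there that `*buf` and `*buflen` are adjusted by the same `offsetof(DHCP6Option, data)` amount, ideally through one shared named constant, so the check and the writes cannot drift apart.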