projects / platform / upstream / busybox.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5ec5828) | patch
Steve Grubb writes:
authorEric Andersen <andersen@codepoet.org>
Wed, 5 May 2004 07:05:32 +0000 (07:05 -0000)
committerEric Andersen <andersen@codepoet.org>
Wed, 5 May 2004 07:05:32 +0000 (07:05 -0000)
commit6c8161d69fe9fce0f862b678aaa84866aaaeff8f
tree28ca3d47c5325c070ffc3e84b136d8bed02a328ftree | snapshot
parent5ec58285c3990ebab9900295f1a1d32824338719commit | diff
Steve Grubb writes:

Hello,

Last November a bug was found in iproute. CAN-2003-0856 has more information.
Basically, netlink packets can come from any user. If a program performs action
based on netlink packets, they must be examined to make sure they came from the
place they are expected (the kernel).

Attached is a patch against pre8. Please apply this before releasing 1.00 final.
All users of busy box may be vulnerable to local attacks without it.

Best Regards,
Steve Grubb
networking/libiproute/libnetlink.c diff | blob | history
Domain: System / Uncategorized;