RE: [PATCH] tools/hv/hv_kvp_daemon.c: Netlink source addressvalidation allows DoS
From: KY Srinivasan
Date: Tue Nov 06 2012 - 10:31:03 EST
> -----Original Message-----
> From: Tomas Hozza [mailto:thozza@xxxxxxxxxx]
> Sent: Tuesday, November 06, 2012 10:21 AM
> To: gregkh@xxxxxxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
> devel@xxxxxxxxxxxxxxxxxxxxxx; apw@xxxxxxxxxxxxx; jasowang@xxxxxxxxxx
> Cc: Olaf Hering; KY Srinivasan
> Subject: [PATCH] tools/hv/hv_kvp_daemon.c: Netlink source address validation
> allows DoS
>
> Hi.
>
> After discussion with KY Srinivasan and Olaf Hering I'm sending you
> a patch for the HyperV KVP daemon distributed in linux kernel
> "tools/hv/hv_kvp_daemon.c".
>
> There is an issue in the current daemon source causing hyperv kvp daemon
> to exit when it processes a spoofed Netlink packet which has been sent
> from an untrusted local user.
>
> This patch is fixing this, so now the Netlink messages with a non-zero
> nl_pid source address are just ignored.
You don't want to send the patch as an attachment. Please send the patch
as part of the mail.
Regards,
K. Y
>
>
> Regards,
>
> Tomas Hozza
> Associate Software Engineer
> BaseOS - Brno, CZ
N‹§²æìr¸›yúèšØb²X¬¶ÇvØ^–)Þ{.nÇ+‰·¥Š{±‘êçzX§¶�›¡Ü}©ž²ÆzÚ&j:+v‰¨¾�«‘êçzZ+€Ê+zf£¢·hšˆ§~††Ûiÿûàz¹�®w¥¢¸?™¨èÚ&¢)ß�f”ù^jÇy§m…á@A«a¶Úÿ�0¶ìh®�å’i