Re: [PATCH net] ipv6: sctp: clone options to avoid use after free

From: Eric Dumazet
Date: Wed Dec 09 2015 - 10:59:51 EST


On Wed, 2015-12-09 at 15:49 +0000, David Laight wrote:
> > SCTP is lacking proper np->opt cloning at accept() time.
> >
> > TCP and DCCP use ipv6_dup_options() helper, do the same in SCTP.
> >
> > We might later factorize this code in a common helper to avoid
> > future mistakes.
>
> I'm wondering what the real impact of this and the other recent
> SCTP bugs/patches is on real workloads?
> We have enough trouble getting our customers to use kernels
> later that the 2.6.18 based RHEL5 - without having to persuade
> them to use kernels that contain very recent fixes.

It all depends if your customers let (hostile ?) people run programs on
the boxes.

I wont run the program on my laptop just for the fun of making it crash,
but I guess Cloud providers might be worried, once exploits are public.


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/