60 lines
2.0 KiB
Diff
60 lines
2.0 KiB
Diff
From: WANG Cong <xiyou.wangcong@gmail.com>
|
|
Date: Tue, 9 May 2017 16:59:54 -0700
|
|
Subject: ipv6/dccp: do not inherit ipv6_mc_list from parent
|
|
Origin: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
|
|
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9076
|
|
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9077
|
|
|
|
Like commit 657831ffc38e ("dccp/tcp: do not inherit mc_list from parent")
|
|
we should clear ipv6_mc_list etc. for IPv6 sockets too.
|
|
|
|
Cc: Eric Dumazet <edumazet@google.com>
|
|
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
|
|
Acked-by: Eric Dumazet <edumazet@google.com>
|
|
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
---
|
|
net/dccp/ipv6.c | 6 ++++++
|
|
net/ipv6/tcp_ipv6.c | 2 ++
|
|
2 files changed, 8 insertions(+)
|
|
|
|
--- a/net/dccp/ipv6.c
|
|
+++ b/net/dccp/ipv6.c
|
|
@@ -426,6 +426,9 @@ static struct sock *dccp_v6_request_recv
|
|
newsk->sk_backlog_rcv = dccp_v4_do_rcv;
|
|
newnp->pktoptions = NULL;
|
|
newnp->opt = NULL;
|
|
+ newnp->ipv6_mc_list = NULL;
|
|
+ newnp->ipv6_ac_list = NULL;
|
|
+ newnp->ipv6_fl_list = NULL;
|
|
newnp->mcast_oif = inet6_iif(skb);
|
|
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
|
|
|
@@ -490,6 +493,9 @@ static struct sock *dccp_v6_request_recv
|
|
/* Clone RX bits */
|
|
newnp->rxopt.all = np->rxopt.all;
|
|
|
|
+ newnp->ipv6_mc_list = NULL;
|
|
+ newnp->ipv6_ac_list = NULL;
|
|
+ newnp->ipv6_fl_list = NULL;
|
|
newnp->pktoptions = NULL;
|
|
newnp->opt = NULL;
|
|
newnp->mcast_oif = inet6_iif(skb);
|
|
--- a/net/ipv6/tcp_ipv6.c
|
|
+++ b/net/ipv6/tcp_ipv6.c
|
|
@@ -1046,6 +1046,7 @@ static struct sock *tcp_v6_syn_recv_sock
|
|
newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
|
|
#endif
|
|
|
|
+ newnp->ipv6_mc_list = NULL;
|
|
newnp->ipv6_ac_list = NULL;
|
|
newnp->ipv6_fl_list = NULL;
|
|
newnp->pktoptions = NULL;
|
|
@@ -1115,6 +1116,7 @@ static struct sock *tcp_v6_syn_recv_sock
|
|
First: no IPv4 options.
|
|
*/
|
|
newinet->inet_opt = NULL;
|
|
+ newnp->ipv6_mc_list = NULL;
|
|
newnp->ipv6_ac_list = NULL;
|
|
newnp->ipv6_fl_list = NULL;
|
|
|