Commit 69fcf15c authored by Phil Turnbull's avatar Phil Turnbull Committed by Lee Jones
Browse files

netfilter: nfnetlink_acct: validate NFACCT_FILTER parameters 



commit 017b1b6d upstream.

nfacct_filter_alloc doesn't validate the NFACCT_FILTER_MASK and
NFACCT_FILTER_VALUE parameters which can trigger a NULL pointer
dereference. CAP_NET_ADMIN is required to trigger the bug.

Signed-off-by: default avatarPhil Turnbull <phil.turnbull@oracle.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Cc: Zubin Mithra <zsm@chromium.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarLee Jones <lee.jones@linaro.org>
Signed-off-by: default avatarLee Jones <joneslee@google.com>
Change-Id: Ic2303263419079af22dac5ef58a1b72faf30f999
parent 11590eed
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment