Commit e1cc8be2 authored Dec 11, 2024 by Guangguan Wang Committed by Greg Kroah-Hartman Dec 27, 2024

net/smc: check smcd_v2_ext_offset when receiving proposal msg



[ Upstream commit 9ab332de ]

When receiving proposal msg in server, the field smcd_v2_ext_offset in
proposal msg is from the remote client and can not be fully trusted.
Once the value of smcd_v2_ext_offset exceed the max value, there has
the chance to access wrong address, and crash may happen.

This patch checks the value of smcd_v2_ext_offset before using it.

Fixes: 5c21c4cc ("net/smc: determine accepted ISM devices")
Signed-off-by: Guangguan Wang <guangguan.wang@linux.alibaba.com>
Reviewed-by: Wen Gu <guwen@linux.alibaba.com>
Reviewed-by: D. Wythe <alibuda@linux.alibaba.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 62056d15

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit 34aea580
· Nov 05, 2025

mentioned in commit 34aea580

mentioned in commit 34aea58089b5383152a3697b41fc1f5cebc01efd

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 34aea580
· Nov 05, 2025

mentioned in commit 34aea580

mentioned in commit 34aea58089b5383152a3697b41fc1f5cebc01efd

Toggle commit list

Please to comment