d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
38f2a43815
freebsd-nq/sys/netinet
History
Xin LI 38f2a43815 Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure vulnerability. 
We would like to acknowledge Clement LECIGNE from Google Security Team and
Francisco Falcon from Core Security Technologies who discovered the issue
independently and reported to the FreeBSD Security Team.

Security:	FreeBSD-SA-15:02.kmem
Security:	CVE-2014-8612
Submitted by:	tuexen
2015-01-27 19:35:36 +00:00
..
cc DCTCP (Data Center TCP) implementation. 2015-01-12 08:33:04 +00:00
khelp
libalias It'll be okay to use LibAliasDetachHandlers() here, relying 2013-12-25 09:43:51 +00:00
accf_data.c
accf_dns.c In preparation of merging projects/sendfile, transform bare access to 2014-11-12 09:57:15 +00:00
accf_http.c In preparation of merging projects/sendfile, transform bare access to 2014-11-12 09:57:15 +00:00
cc.h DCTCP (Data Center TCP) implementation. 2015-01-12 08:33:04 +00:00
icmp6.h Migrate structs in6_ifstat and icmp6_ifstat to PCPU counters. 2013-07-09 09:59:46 +00:00
icmp_var.h Remove more constants related to static sysctl nodes. The MAXID constants 2014-02-25 18:44:33 +00:00
if_atm.c The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare 2013-10-26 17:58:36 +00:00
if_atm.h Add const qualifier to the dst parameter of the ifnet if_output method. 2013-04-26 12:50:32 +00:00
if_ether.c * Deal with ARCNET L2 multicast mapping for IPv6 the same way as in IPv4: 2015-01-09 12:56:51 +00:00
if_ether.h Do not return unlocked/unreferenced lle in arpresolve/nd6_storelladdr - 2014-11-27 23:06:25 +00:00
igmp_var.h Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have 2014-08-08 01:57:15 +00:00
igmp.c To ease changes to underlying mbuf structure and the mbuf allocator, reduce 2015-01-05 09:58:32 +00:00
igmp.h
in_cksum.c
in_debug.c
in_gif.c Extern declarations in C files loses compile-time checking that 2014-12-25 21:32:37 +00:00
in_kdtrace.c dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE 2013-11-26 08:46:27 +00:00
in_kdtrace.h dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE 2013-11-26 08:46:27 +00:00
in_mcast.c Only define the full inm_print() if KTR_IGMPV3 is enabled at compile time. 2014-09-30 17:26:34 +00:00
in_pcb.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
in_pcb.h Start process of removing the use of the deprecated "M_FLOWID" flag 2014-12-01 11:45:24 +00:00
in_pcbgroup.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
in_proto.c Finish r274118: remove useless fields from struct domain. 2014-11-06 14:39:04 +00:00
in_rmx.c Kill custom in_matroute() radix mathing function removing one rte mutex lock. 2014-11-11 02:52:40 +00:00
in_rss.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
in_rss.h Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
in_systm.h Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
in_var.h Kill custom in_matroute() radix mathing function removing one rte mutex lock. 2014-11-11 02:52:40 +00:00
in.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
in.h Kill custom in_matroute() radix mathing function removing one rte mutex lock. 2014-11-11 02:52:40 +00:00
ip6.h Eliminate use of M_EXT in IP6_EXTHDR_CHECK() by trimming a redundant 2014-10-05 06:28:53 +00:00
ip_carp.c Log hardware interface up/down as "hardware" rather than just "hw". 2015-01-23 14:30:24 +00:00
ip_carp.h Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have 2014-08-08 01:57:15 +00:00
ip_divert.c Update ip_divert.ko to depend on version 3 of ipfw. 2014-10-11 16:08:54 +00:00
ip_divert.h
ip_dummynet.h ECN marking implenetation for dummynet. 2014-06-01 07:28:24 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have 2014-08-08 01:57:15 +00:00
ip_encap.h Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have 2014-08-08 01:57:15 +00:00
ip_fastfwd.c Remove incorrect layering violating code that: 2015-01-12 09:41:12 +00:00
ip_fw.h Fix matching default rule on clear/show commands. 2014-10-13 13:49:28 +00:00
ip_gre.c Extern declarations in C files loses compile-time checking that 2014-12-25 21:32:37 +00:00
ip_icmp.c Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
ip_icmp.h Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
ip_id.c Back out r249318, r249320 and r249327 due to a heisenbug most 2013-05-06 16:42:18 +00:00
ip_input.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
ip_ipsec.c Use ipsec4_in_reject() to simplify ip_ipsec_fwd() and ip_ipsec_input(). 2014-12-11 18:55:54 +00:00
ip_ipsec.h Remove flag/flags argument from the following functions: 2014-12-11 18:35:34 +00:00
ip_mroute.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
ip_mroute.h Migrate structs arpstat, icmpstat, mrtstat, pimstat and udpstat to PCPU 2013-07-09 09:50:15 +00:00
ip_options.c Use M_WRITABLE() and M_LEADINGSPACE() rather than checking M_EXT and 2015-01-06 14:32:28 +00:00
ip_options.h Make net.inet.ip.sourceroute, net.inet.ip.accept_sourceroute, and 2014-09-15 07:20:40 +00:00
ip_output.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
ip_var.h Add a flag to ip_output() - IP_NODEFAULTFLOWID - which prevents it from 2014-09-09 00:19:02 +00:00
ip.h
pim_var.h Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have 2014-08-08 01:57:15 +00:00
pim.h
raw_ip.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
sctp_asconf.c Add protection code to free memory in case of processing an address which 2015-01-18 20:53:20 +00:00
sctp_asconf.h
sctp_auth.c Use a consistent type for the number of HMAC algorithms. 2014-09-16 14:20:33 +00:00
sctp_auth.h Use a consistent type for the number of HMAC algorithms. 2014-09-16 14:20:33 +00:00
sctp_bsd_addr.c Minimize the usage of SCTP_BUF_IS_EXTENDED. 2015-01-10 20:49:57 +00:00
sctp_bsd_addr.h
sctp_cc_functions.c Small cleanup which addresses a warning regaring the truncation 2014-09-16 13:48:46 +00:00
sctp_constants.h Fix the handling of sysctl variables when used with VIMAGE. 2014-09-06 19:12:14 +00:00
sctp_crc32.c
sctp_crc32.h
sctp_dtrace_declare.h - For kernel compiled only with KDTRACE_HOOKS and not any lock debugging 2013-11-25 07:38:45 +00:00
sctp_dtrace_define.h dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE 2013-11-26 08:46:27 +00:00
sctp_header.h Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a 2014-10-16 15:36:04 +00:00
sctp_indata.c Minimize the usage of SCTP_BUF_IS_EXTENDED. 2015-01-10 20:49:57 +00:00
sctp_indata.h Code cleanups. 2013-07-03 18:48:43 +00:00
sctp_input.c Remove an unnecessary check. 2015-01-18 21:16:22 +00:00
sctp_input.h Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a 2014-10-16 15:36:04 +00:00
sctp_lock_bsd.h
sctp_os_bsd.h Retire SCTP_BUF_EXTEND_SIZE. This patch was suggested by 2015-01-10 13:56:26 +00:00
sctp_os.h
sctp_output.c Fix a bug which only shows up when an mbuf allocation failed. 2015-01-18 22:00:39 +00:00
sctp_output.h Ensure that the list of streams sent in a stream reset parameter fits 2014-10-08 15:30:59 +00:00
sctp_pcb.c Remove dead code. 2015-01-11 21:55:30 +00:00
sctp_pcb.h Do the renaming of sb_cc to sb_ccc in a way with less code changes by 2014-12-02 20:29:29 +00:00
sctp_peeloff.c Add support for the SCTP_AUTH_SUPPORTED and SCTP_ASCONF_SUPPORTED 2014-08-12 11:30:16 +00:00
sctp_peeloff.h Remove unused function. 2012-11-25 14:25:08 +00:00
sctp_ss_functions.c
sctp_structs.h This is the SCTP specific companion of 2014-12-04 21:17:50 +00:00
sctp_syscalls.c Avoid dynamic syscall overhead for statically compiled modules. 2014-10-26 19:42:44 +00:00
sctp_sysctl.c Remove comparisons which are not necessary. 2015-01-20 19:08:55 +00:00
sctp_sysctl.h Fix the handling of sysctl variables when used with VIMAGE. 2014-09-06 19:12:14 +00:00
sctp_timer.c Code cleanup. 2015-01-19 11:52:08 +00:00
sctp_timer.h
sctp_uio.h Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS 2014-08-13 15:50:16 +00:00
sctp_usrreq.c Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure vulnerability. 2015-01-27 19:35:36 +00:00
sctp_var.h Do the renaming of sb_cc to sb_ccc in a way with less code changes by 2014-12-02 20:29:29 +00:00
sctp.h Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS 2014-08-13 15:50:16 +00:00
sctputil.c Remove dead code. 2015-01-12 07:39:52 +00:00
sctputil.h Minimize the usage of SCTP_BUF_IS_EXTENDED. 2015-01-10 20:49:57 +00:00
siftr.c In preparation of merging projects/sendfile, transform bare access to 2014-11-12 09:57:15 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c Use an sbuf to generate the output of the net.inet.tcp.hostcache.list 2015-01-25 19:45:44 +00:00
tcp_hostcache.h Add scope zone id to the in_endpoints and hc_metrics structures. 2014-09-10 16:26:18 +00:00
tcp_input.c DCTCP (Data Center TCP) implementation. 2015-01-12 08:33:04 +00:00
tcp_lro.c Merge r254336 from user/np/cxl_tuning. 2013-08-28 23:00:34 +00:00
tcp_lro.h Merge r254336 from user/np/cxl_tuning. 2013-08-28 23:00:34 +00:00
tcp_offload.c The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare 2013-10-26 17:58:36 +00:00
tcp_offload.h
tcp_output.c To ease changes to underlying mbuf structure and the mbuf allocator, reduce 2015-01-05 09:58:32 +00:00
tcp_reass.c Merge from projects/sendfile: extend protocols API to support 2014-11-30 13:24:21 +00:00
tcp_sack.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
tcp_seq.h
tcp_subr.c Remove kernel handling of ICMP_SOURCEQUENCH. 2014-11-10 23:10:01 +00:00
tcp_syncache.c Start process of removing the use of the deprecated "M_FLOWID" flag 2014-12-01 11:45:24 +00:00
tcp_syncache.h Introduce spares in the TCP syncache and timewait structures 2013-09-21 10:01:51 +00:00
tcp_timer.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
tcp_timer.h Fix a race condition in TCP timewait between tcp_tw_2msl_reuse() and 2014-10-30 08:53:56 +00:00
tcp_timewait.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
tcp_usrreq.c Merge from projects/sendfile: 2014-11-30 13:43:52 +00:00
tcp_var.h Re-introduce padding fields removed with r264321 to keep 2014-11-17 14:56:02 +00:00
tcp.h Add placeholder constants to reserve a portion of the socket option 2013-02-01 15:32:20 +00:00
tcpip.h
toecore.c Do not return unlocked/unreferenced lle in arpresolve/nd6_storelladdr - 2014-11-27 23:06:25 +00:00
toecore.h
udp_usrreq.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
udp_var.h Add context pointer and source address to the UDP tunnel callback 2014-10-10 06:08:59 +00:00
udp.h Add placeholder constants to reserve a portion of the socket option 2013-02-01 15:32:20 +00:00
udplite.h Add support for UDP-Lite protocol (RFC 3828) to IPv4 and IPv6 stacks. 2014-04-07 01:53:03 +00:00