2023-08-30 20:46:12

by Pablo Neira Ayuso

Subject: Re: [PATCH nf] netfilter/xt_u32: validate user space input

On Mon, Aug 28, 2023 at 10:21:07AM -0300, Wander Lairson Costa wrote:
> The xt_u32 module doesn't validate the fields in the xt_u32 structure.
> An attacker may take advantage of this to trigger an OOB read by setting
> the size fields with a value beyond the array boundaries.
>
> Add a checkentry function to validate the structure.
>
> This was originally reported by the ZDI project (ZDI-CAN-18408).

Applied to nf, thanks
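
The kind of check the quoted commit message describes, as an added example that is not part of this thread or of the kernel patch: user-supplied count fields are validated against their fixed-size arrays once, when the rule is installed. The structure layout, the `demo_` names and the bound of 10 are assumptions made for this user-space model.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_MAXSIZE 10  /* assumed array bound for this model */
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Simplified stand-ins for a rule structure filled in by user space:
 * each count field says how many entries of a fixed-size array are used. */
struct demo_range { uint32_t min, max; };
struct demo_test {
    uint32_t location[DEMO_MAXSIZE + 1];
    struct demo_range value[DEMO_MAXSIZE + 1];
    uint8_t nnums;    /* entries used in location[] */
    uint8_t nvalues;  /* entries used in value[] */
};
struct demo_rule {
    struct demo_test tests[DEMO_MAXSIZE + 1];
    uint8_t ntests;   /* entries used in tests[] */
};

/* checkentry-style validation: runs once at rule installation, so the
 * per-packet match loop can trust every count. Returns 0 or -EINVAL. */
static int demo_checkentry(const struct demo_rule *r)
{
    if (r->ntests > ARRAY_SIZE(r->tests))
        return -EINVAL;
    for (size_t i = 0; i < r->ntests; i++) {
        const struct demo_test *t = &r->tests[i];
        if (t->nnums > ARRAY_SIZE(t->location) ||
            t->nvalues > ARRAY_SIZE(t->value))
            return -EINVAL;
    }
    return 0;
}

int main(void)
{
    static struct demo_rule ok, bad;   /* constructed sample rules */
    ok.ntests = 1;  ok.tests[0].nnums = 2;  ok.tests[0].nvalues = 1;
    bad.ntests = 1; bad.tests[0].nnums = 200;  /* count beyond location[] */
    printf("ok=%d bad=%d\n", demo_checkentry(&ok), demo_checkentry(&bad));
    return 0;
}
```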