backport ipv6 security fix to 2.4 (#4245)
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 23 Dec 2008 12:22:22 +0000 (12:22 +0000)
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 23 Dec 2008 12:22:22 +0000 (12:22 +0000)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@13734 3c298f89-4303-0410-b956-a3cf2f4a3e73

target/linux/generic-2.4/patches/900-CVE-2008-2136.patch [new file with mode: 0644]

diff --git a/target/linux/generic-2.4/patches/900-CVE-2008-2136.patch b/target/linux/generic-2.4/patches/900-CVE-2008-2136.patch
new file mode 100644 (file)
index 0000000..8e8be48
--- /dev/null
@@ -0,0 +1,26 @@
+Backport of:
+
+From: David S. Miller <davem@davemloft.net>
+Date: Fri, 9 May 2008 06:40:26 +0000 (-0700)
+Subject: sit: Add missing kfree_skb() on pskb_may_pull() failure.
+X-Git-Tag: v2.6.26-rc2~19^2
+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02
+
+sit: Add missing kfree_skb() on pskb_may_pull() failure.
+
+Noticed by Paul Marks <paul@pmarks.net>.
+
+Signed-off-by: David S. Miller <davem@davemloft.net>
+--- a/net/ipv6/sit.c
++++ b/net/ipv6/sit.c
+@@ -410,9 +410,9 @@ int ipip6_rcv(struct sk_buff *skb)
+       }
+       icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0);
+-      kfree_skb(skb);
+       read_unlock(&ipip6_lock);
+ out:
++      kfree_skb(skb);
+       return 0;
+ }