sctp: Prevent TOCTOU out-of-bounds write - kernel - Hosts the 0x221E linux distro kernel.

diff options

author	Stefan Wiehler <stefan.wiehler@nokia.com>	2025-10-28 17:12:27 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2025-11-13 15:34:38 -0500
commit	2fe08fcaacb7eb019fa9c81db39b2214de216677 (patch)
tree	f910abbcd9f7aa12ef5d53c19ce58b8924b30a27 /include/net/aligned_data.h
parent	97a2bb90a6b64b9693a5e88a69007d0ffbd6accf (diff)

sctp: Prevent TOCTOU out-of-bounds write

[ Upstream commit 95aef86ab231f047bb8085c70666059b58f53c09 ] For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use). Suggested-by: Kuniyuki Iwashima <kuniyu@google.com> Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file") Signed-off-by: Stefan Wiehler <stefan.wiehler@nokia.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com> Acked-by: Xin Long <lucien.xin@gmail.com> Link: https://patch.msgid.link/20251028161506.3294376-3-stefan.wiehler@nokia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'include/net/aligned_data.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: