summaryrefslogtreecommitdiff
path: root/firmware/emi62/loader.HEX
diff options
context:
space:
mode:
authorAnssi Hannula <anssi.hannula@bitwise.fi>2017-05-24 01:53:29 (GMT)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-06-17 04:41:49 (GMT)
commita2901d01a6c7aac1b1e0603bc7d8fce448760195 (patch)
tree6e3b06d33f5d4cfde8be79ebdae461c0ee4a71ef /firmware/emi62/loader.HEX
parentbff3001afae781cc24dc816bc3e0f9c6f6a02296 (diff)
downloadlinux-a2901d01a6c7aac1b1e0603bc7d8fce448760195.tar.xz
net: xilinx_emaclite: fix receive buffer overflow
[ Upstream commit cd224553641848dd17800fe559e4ff5d208553e8 ] xilinx_emaclite looks at the received data to try to determine the Ethernet packet length but does not properly clamp it if proto_type == ETH_P_IP or 1500 < proto_type <= 1518, causing a buffer overflow and a panic via skb_panic() as the length exceeds the allocated skb size. Fix those cases. Also add an additional unconditional check with WARN_ON() at the end. Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Fixes: bb81b2ddfa19 ("net: add Xilinx emac lite device driver") Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'firmware/emi62/loader.HEX')
0 files changed, 0 insertions, 0 deletions