public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/ceph
History
Tyler Hicks 2cb33cac62 libceph: Fix NULL pointer dereference in auth client code 
A malicious monitor can craft an auth reply message that could cause a
NULL function pointer dereference in the client's kernel.

To prevent this, the auth_none protocol handler needs an empty
ceph_auth_client_ops->build_request() function.

CVE-2013-1059

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Chanam Park <chanam.park@hkpco.kr>
Reviewed-by: Seth Arnold <seth.arnold@canonical.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Cc: stable@vger.kernel.org
2013-07-03 15:32:55 -07:00
..
crush crush: avoid recursion if we have already collided 2013-01-17 12:42:39 -06:00
armor.c
auth.c libceph: wrap auth methods in a mutex 2013-05-01 21:17:15 -07:00
auth_none.c libceph: Fix NULL pointer dereference in auth client code 2013-07-03 15:32:55 -07:00
auth_none.h
auth_x.c libceph: wrap auth ops in wrapper functions 2013-05-01 21:17:14 -07:00
auth_x.h libceph: add update_authorizer auth method 2013-05-01 21:17:13 -07:00
auth_x_protocol.h
buffer.c
ceph_common.c libceph: use slab cache for osd client requests 2013-05-02 11:58:41 -05:00
ceph_fs.c
ceph_hash.c
ceph_strings.c libceph: update ceph_osd_op_name() 2013-02-18 12:20:18 -06:00
crypto.c libceph: eliminate sparse warnings 2013-02-25 15:37:18 -06:00
crypto.h
debugfs.c libceph: keep source rather than message osd op array 2013-05-01 21:18:12 -07:00
Kconfig net/ceph: remove depends on CONFIG_EXPERIMENTAL 2013-01-11 11:39:33 -08:00
Makefile libceph: create source file "net/ceph/snapshot.c" 2013-05-01 21:20:08 -07:00
messenger.c libceph: allocate ceph message data with a slab allocator 2013-05-02 11:58:36 -05:00
mon_client.c libceph: wrap auth ops in wrapper functions 2013-05-01 21:17:14 -07:00
msgpool.c
osd_client.c libceph: fix truncate size calculation 2013-07-03 15:32:45 -07:00
osdmap.c libceph: define ceph_decode_pgid() only once 2013-05-01 21:17:52 -07:00
pagelist.c ceph: use list_move_tail instead of list_del/list_add_tail 2012-10-01 14:30:49 -05:00
pagevec.c libceph: drop return value from page vector copy routines 2013-02-19 19:14:05 -06:00
snapshot.c libceph: create source file "net/ceph/snapshot.c" 2013-05-01 21:20:08 -07:00