accept_filter: Fix filter parameter handling

Description

accept_filter: Fix filter parameter handling

For filters which implement accf_create, the setsockopt(2) handler
caches the filter name in the socket, but it also incorrectly frees the
buffer containing the copy, leaving a dangling pointer. Note that no
accept filters provided in the base system are susceptible to this, as
they don't implement accf_create.

Reported by: Alexey Kulaev <alex.qart@gmail.com>
Discussed with: emaste
Sponsored by: The FreeBSD Foundation
Approved by: so
Security: CVE-2021-29627
Security: FreeBSD-SA-21:09.accept_filter

(cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee)
(cherry picked from commit 6008a5fad3c110c4ec03cc3fe60ce41c4e548b98)
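
The ownership mistake described in the commit message, modeled in userland C. This is an added example, not the FreeBSD kernel code and not the committed fix. The pool allocator, the structs and every function name are hypothetical, and the `fixed` path shows one way to hand ownership to the socket, which is not necessarily how the commit does it.

```c
#include <stdio.h>
#include <string.h>
/* Userland model with hypothetical names; not FreeBSD kernel code. */
enum { SLOTS = 4, SLOT_SZ = 32 };
static char pool[SLOTS * SLOT_SZ];  /* static pool: a stale pointer stays safe to read */
static int in_use[SLOTS];

static char *pool_alloc(void) {
    for (int i = 0; i < SLOTS; i++)
        if (!in_use[i]) { in_use[i] = 1; return &pool[i * SLOT_SZ]; }
    return NULL;
}
static void pool_free(char *p) { in_use[(p - pool) / SLOT_SZ] = 0; }

struct model_sock { char *filter_name; void *filter_arg; };
struct model_filter {
    const char *name;
    void *(*create)(struct model_sock *);  /* optional hook; stands in for accf_create */
};
static void *demo_create(struct model_sock *so) { return so; }

/* Models the setsockopt handler; fixed=0 keeps the behaviour the commit describes. */
static int model_setopt(struct model_sock *so, const struct model_filter *f, int fixed) {
    char *name_copy = NULL;
    if (f->create != NULL) {                 /* only these filters get a cached name */
        if ((name_copy = pool_alloc()) == NULL) return -1;
        snprintf(name_copy, SLOT_SZ, "%s", f->name);
        so->filter_arg = f->create(so);
    }
    so->filter_name = name_copy;             /* socket now references the copy */
    if (fixed) name_copy = NULL;             /* ownership moved to the socket */
    if (name_copy != NULL) pool_free(name_copy);  /* bug: socket still points here */
    return 0;
}

/* Returns 1 if a later, unrelated allocation overwrote the socket's cached name. */
static int cached_name_clobbered(int fixed, int has_create) {
    struct model_sock so = { NULL, NULL };
    struct model_filter f = { "demofilter", has_create ? demo_create : NULL };
    memset(in_use, 0, sizeof(in_use));
    if (model_setopt(&so, &f, fixed) != 0) return -1;
    char *other = pool_alloc();              /* reuses the slot if it was freed */
    snprintf(other, SLOT_SZ, "%s", "unrelated");
    return so.filter_name != NULL && strcmp(so.filter_name, f.name) != 0;
}

int main(void) {
    printf("buggy=%d fixed=%d no-create=%d\n", cached_name_clobbered(0, 1),
           cached_name_clobbered(1, 1), cached_name_clobbered(0, 0));
    return 0;
}
```

A filter without the create hook never gets a cached name in this model, which mirrors why the commit message says the base-system filters are not affected.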

Details

Provenance
markj Authored on Mar 25 2021, 9:55 PM
Parents
rGaf61348d61f5: Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version.