Project

General

Profile

Bug #2101

bpf_filter() can leak kernel stack contents

Added by guy over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%


Description

http://seclists.org/fulldisclosure/2010/Nov/89

That's Linux's BPF interpreter, but the same problem exists with the *BSD BPF interpreter:

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/bpf_filter.c.diff?r1=1.21;r2=1.22

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/bpf_filter.c?rev=1.22;content-type=text%2Fx-cvsweb-markup

Dan's program doesn't directly map to *BSD, but something could probably be cooked up.

OpenBSD's fix clears it up.

History

#1 Updated by vsrinivas over 5 years ago

Closed by 2d4fcd80be0766d5eff1593ac3e64d84a2929a4b.

Also available in: Atom PDF