kernel_optimize_test/drivers
Guillaume Nault 00a0c11ddd bareudp: Fix invalid read beyond skb's linear data
[ Upstream commit 143a8526ab5fd4f8a0c4fe2a9cb28c181dc5a95f ]

Data beyond the UDP header might not be part of the skb's linear data.
Use skb_copy_bits() instead of direct access to skb->data+X, so that
we read the correct bytes even on a fragmented skb.

Fixes: 4b5f67232d ("net: Special handling for IP & MPLS.")
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Link: https://lore.kernel.org/r/7741c46545c6ef02e70c80a9b32814b22d9616b3.1628264975.git.gnault@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-08-18 08:59:11 +02:00
..
accessibility
acpi ACPI: NFIT: Fix support for virtual SPA ranges 2021-08-18 08:59:07 +02:00
amba
android
ata libata: fix ata_pio_sector for CONFIG_HIGHMEM 2021-08-12 13:22:19 +02:00
atm atm: nicstar: register the interrupt handler in the right place 2021-07-19 09:44:52 +02:00
auxdisplay
base drivers core: Fix oops when driver probe fails 2021-08-12 13:22:14 +02:00
bcma
block rbd: always kick acquire on "acquired" and "released" notifications 2021-07-28 14:35:46 +02:00
bluetooth Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. 2021-07-19 09:44:54 +02:00
bus bus: ti-sysc: AM3: RNG is GP only 2021-08-12 13:22:16 +02:00
cdrom cdrom: gdrom: initialize global variable at init time 2021-05-26 12:06:55 +02:00
char tpm_ftpm_tee: Free and unregister TEE shared memory during kexec 2021-08-12 13:22:13 +02:00
clk clk: fix leak on devm_clk_bulk_get_all() unwind 2021-08-12 13:22:11 +02:00
clocksource clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround 2021-07-19 09:44:59 +02:00
connector
counter
cpufreq cpufreq: Make cpufreq_online() call driver->offline() on errors 2021-07-14 16:56:13 +02:00
cpuidle cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration 2021-05-14 09:50:16 +02:00
crypto crypto: qce - fix error return code in qce_skcipher_async_req_handle() 2021-07-14 16:56:54 +02:00
dax
dca
devfreq PM / devfreq: Add missing error code in devfreq_add_device() 2021-07-14 16:56:11 +02:00
dio
dma dmaengine: imx-dma: configure the generic DMA type to make it work 2021-08-12 13:22:05 +02:00
dma-buf dma-buf/sync_file: Don't leak fences on merge failure 2021-07-25 14:36:20 +02:00
edac EDAC/Intel: Do not load EDAC driver when running as a guest 2021-07-14 16:56:00 +02:00
eisa
extcon extcon: intel-mrfld: Sync hardware and software state on init 2021-07-19 09:45:00 +02:00
firewire
firmware firmware: tee_bnxt: Release TEE shm, session, and context during kexec 2021-08-15 14:00:25 +02:00
fpga fpga: dfl: fme: Fix cpu hotplug issue in performance reporting 2021-08-12 13:22:15 +02:00
fsi fsi: Add missing MODULE_DEVICE_TABLE 2021-07-20 16:05:42 +02:00
gnss
gpio Revert "gpio: mpc8xxx: change the gpio interrupt flags." 2021-08-12 13:22:16 +02:00
gpu drm/amdgpu: don't enable baco on boco platforms in runpm 2021-08-18 08:59:07 +02:00
greybus
hid HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT 2021-08-04 12:46:41 +02:00
hsi HSI: core: fix resource leaks in hsi_add_client_from_dt() 2021-05-14 09:50:28 +02:00
hv drivers: hv: Fix missing error code in vmbus_connect() 2021-07-14 16:55:59 +02:00
hwmon hwmon: (max31790) Fix fan speed reporting for fan7..12 2021-07-14 16:56:08 +02:00
hwspinlock
hwtracing intel_th: Wait until port is in reset before programming it 2021-07-20 16:05:46 +02:00
i2c i2c: dev: zero out array used for i2c reads from userspace 2021-08-18 08:59:05 +02:00
i3c Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register" 2021-05-14 09:50:05 +02:00
ide
idle
iio iio: adc: Fix incorrect exit of for-loop 2021-08-18 08:59:05 +02:00
infiniband RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it recently 2021-08-12 13:22:06 +02:00
input Input: hideep - fix the uninitialized use in hideep_nvm_unlock() 2021-07-20 16:05:44 +02:00
interconnect interconnect: qcom: icc-rpmh: Ensure floor BW is enforced for all nodes 2021-08-12 13:22:18 +02:00
iommu iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation 2021-07-20 16:05:43 +02:00
ipack ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe 2021-07-19 09:45:01 +02:00
irqchip irqchip/gic-v3: Workaround inconsistent PMR setting on NMI entry 2021-06-23 14:42:49 +02:00
isdn mISDN: fix possible use-after-free in HFC_cleanup() 2021-07-19 09:44:38 +02:00
leds leds: turris-omnia: add missing MODULE_DEVICE_TABLE 2021-07-20 16:05:45 +02:00
lightnvm
macintosh
mailbox mailbox: qcom-ipcc: Fix IPCC mbox channel exhaustion 2021-07-14 16:56:53 +02:00
mcb
md md/raid10: properly indicate failure when ending a failed write request 2021-08-12 13:22:17 +02:00
media media: rtl28xxu: fix zero-length control request 2021-08-12 13:22:14 +02:00
memory memory: tegra: Fix compilation warnings on 64bit platforms 2021-07-25 14:36:14 +02:00
memstick memstick: rtsx_usb_ms: fix UAF 2021-07-14 16:55:53 +02:00
message
mfd mfd: cpcap: Fix cpcap dmamask not set warnings 2021-07-20 16:05:42 +02:00
misc misc: eeprom: at24: Always append device id even if label property is set. 2021-07-28 14:35:46 +02:00
mmc mmc: core: Don't allocate IDA for OF aliases 2021-07-28 14:35:42 +02:00
most
mtd mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() 2021-07-14 16:56:47 +02:00
mux
net bareudp: Fix invalid read beyond skb's linear data 2021-08-18 08:59:11 +02:00
nfc nfc: nfcsim: fix use after free during module unload 2021-08-04 12:46:41 +02:00
ntb
nubus
nvdimm libnvdimm/region: Fix label activation vs errors 2021-08-18 08:59:07 +02:00
nvme nvme: fix nvme_setup_command metadata trace event 2021-08-08 09:05:23 +02:00
nvmem nvmem: core: add a missing of_node_put 2021-07-19 09:45:00 +02:00
of of: Fix truncation of memory sizes on 32-bit platforms 2021-07-14 16:56:46 +02:00
opp
oprofile
parisc
parport
pci PCI: Mark AMD Navi14 GPU ATS as broken 2021-07-28 14:35:47 +02:00
pcmcia pcmcia: i82092: fix a null pointer dereference bug 2021-08-12 13:22:16 +02:00
perf perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same IRQ number 2021-07-14 16:56:08 +02:00
phy phy: intel: Fix for warnings due to EMMC clock 175Mhz change in FIP 2021-07-20 16:05:46 +02:00
pinctrl pinctrl: tigerlake: Fix GPIO mapping for newer version of software 2021-08-18 08:59:09 +02:00
platform platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables 2021-08-18 08:59:09 +02:00
pnp
power power: supply: rt5033_battery: Fix device tree enumeration 2021-07-20 16:05:50 +02:00
powercap
pps
ps3
ptp ptp: improve max_adj check against unreasonable values 2021-06-23 14:42:45 +02:00
pwm pwm: sprd: Ensure configuring period and duty_cycle isn't wrongly skipped 2021-07-28 14:35:34 +02:00
rapidio rapidio: handle create_workqueue() failure 2021-05-26 12:06:52 +02:00
ras RAS/CEC: Correct ce_add_elem()'s returned values 2021-04-14 08:42:12 +02:00
regulator regulator: rtmv20: Fix wrong mask for strobe-polarity-high 2021-08-08 09:05:22 +02:00
remoteproc remoteproc: k3-r5: Fix an error message 2021-07-20 16:05:50 +02:00
reset reset: ti-syscon: fix to_ti_syscon_reset_data macro 2021-07-25 14:36:11 +02:00
rpmsg rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() 2021-05-19 10:13:02 +02:00
rtc rtc: max77686: Do not enforce (incorrect) interrupt trigger type 2021-07-25 14:36:16 +02:00
s390 s390/sclp_vt220: fix console name to match device 2021-07-20 16:05:42 +02:00
sbus
scsi scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash 2021-08-18 08:59:06 +02:00
sfi
sh
siox
slimbus
soc soc: ixp4xx/qmgr: fix invalid __iomem access 2021-08-12 13:22:18 +02:00
soundwire soundwire: stream: Fix test for DP prepare complete 2021-07-14 16:56:47 +02:00
spi spi: meson-spicc: fix memory leak in meson_spicc_remove 2021-08-12 13:22:18 +02:00
spmi
ssb ssb: Fix error return code in ssb_bus_scan() 2021-07-14 16:56:21 +02:00
staging staging: rtl8712: error handling refactoring 2021-08-12 13:22:14 +02:00
target scsi: target: Fix protect handling in WRITE SAME(32) 2021-07-28 14:35:39 +02:00
tc
tee tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag 2021-08-15 14:00:24 +02:00
thermal thermal/core/thermal_of: Stop zone device before unregistering it 2021-07-25 14:36:17 +02:00
thunderbolt thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() 2021-07-14 16:56:44 +02:00
tty serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts. 2021-08-12 13:22:15 +02:00
uio uio_hv_generic: Fix a memory leak in error handling paths 2021-05-26 12:06:52 +02:00
usb USB:ehci:fix Kunpeng920 ehci hardware problem 2021-08-15 14:00:26 +02:00
vdpa vdpa/mlx5: Clear vq ready indication upon device reset 2021-07-20 16:05:53 +02:00
vfio vfio/pci: Handle concurrent vma faults 2021-07-14 16:56:50 +02:00
vhost vhost-vdpa: fix vm_flags for virtqueue doorbell mapping 2021-05-11 14:47:12 +02:00
video backlight: lm3630a: Fix return code of .update_status() callback 2021-07-20 16:05:45 +02:00
virt nitro_enclaves: Fix stale file descriptors on failed usercopy 2021-05-11 14:47:11 +02:00
virtio
visorbus visorbus: fix error return code in visorchipset_init() 2021-07-14 16:56:41 +02:00
vlynq
vme
w1 w1: ds2438: fixing bug that would always get page0 2021-07-20 16:05:39 +02:00
watchdog Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" 2021-08-08 09:05:24 +02:00
xen xen/events: reset active flag for lateeoi events later 2021-07-11 12:53:31 +02:00
zorro
Kconfig
Makefile