kernel_optimize_test/drivers
Florian Zumbiehl 202a03acf9 [PPPOE]: memory leak when socket is release()d before PPPIOCGCHAN has been called on it
below you find a patch that fixes a memory leak when a PPPoE socket is
release()d after it has been connect()ed, but before the PPPIOCGCHAN ioctl
ever has been called on it.

This is somewhat of a security problem, too, since PPPoE sockets can be
created by any user, so any user can easily allocate all the machine's
RAM to non-swappable address space and thus DoS the system.

Is there any specific reason for PPPoE sockets being available to any
unprivileged process, BTW? After all, you need a packet socket for the
discovery stage anyway, so it's unlikely that any unprivileged process
will ever need to create a PPPoE socket, no? Allocating all session IDs
for a known AC is a kind of DoS, too, after all - with Juniper ERXes,
this is really easy, actually, since they don't ever assign session ids
above 8000 ...

Signed-off-by: Florian Zumbiehl <florz@florz.de>
Acked-by: Michal Ostrowski <mostrows@earthlink.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-25 22:29:20 -07:00
..
acorn [ARM] Acorn: move the i2c bus driver into drivers/i2c 2007-03-04 20:40:50 +00:00
acpi acpi-thermal: fix mod_timer() interval 2007-04-24 08:23:08 -07:00
amba
ata pata_sis: Fix oops on boot 2007-04-19 19:20:52 -04:00
atm [SK_BUFF]: Introduce skb_copy_from_linear_data{_offset} 2007-04-25 22:28:23 -07:00
auxdisplay [PATCH] cfag12864b: fix crash when built-in and no parport present 2007-02-20 17:10:14 -08:00
base [PATCH] PM: use kobject_name() to access kobject names 2007-04-11 15:39:39 -07:00
block [SK_BUFF]: Introduce skb_reset_network_header(skb) 2007-04-25 22:24:46 -07:00
bluetooth [SK_BUFF]: Introduce skb_copy_from_linear_data{_offset} 2007-04-25 22:28:23 -07:00
cdrom [PATCH] Fix soft lockup with iSeries viocd driver 2007-03-05 07:57:51 -08:00
char [NET]: random functions can use nsec resolution instead of usec 2007-04-25 22:28:25 -07:00
clocksource [PATCH] correct slow acpi_pm rating 2007-03-27 09:05:15 -07:00
connector [NETLINK]: Switch cb_lock spinlock to mutex and allow to override it 2007-04-25 22:29:03 -07:00
cpufreq [PATCH] Fix maxcpus=1 trigerring BUG() in cpufreq 2007-03-27 08:55:56 -07:00
crypto [PATCH] geode-aes: use unsigned long for spin_lock_irqsave 2007-03-06 09:30:25 -08:00
dio
dma [PATCH] rm pointless dmaengine exports 2007-03-16 19:25:03 -07:00
edac
eisa [PATCH] drivers/eisa/pci_eisa.c:pci_eisa_init() should be init 2007-03-27 09:05:15 -07:00
fc4
firmware
hid HID: Do not discard truncated input reports 2007-04-05 16:06:30 +02:00
hwmon hwmon/w83627ehf: Don't redefine REGION_OFFSET 2007-04-24 08:23:08 -07:00
i2c Minor bug fixes to i2c-pasemi 2007-04-17 16:36:28 -07:00
ide ide/Kconfig: add missing range check for IDE_MAX_HWIFS 2007-04-20 22:16:58 +02:00
ieee1394 [SK_BUFF]: Introduce ip_hdr(), remove skb->nh.iph 2007-04-25 22:25:10 -07:00
infiniband [SK_BUFF]: Introduce skb_copy_from_linear_data{_offset} 2007-04-25 22:28:23 -07:00
input [PATCH] Input: ucb1400 - set up driver's name to show in sysfs 2007-04-10 17:26:33 -07:00
isdn [SK_BUFF]: Introduce skb_copy_to_linear_data{_offset} 2007-04-25 22:28:29 -07:00
kvm KVM: Fix off-by-one when writing to a nonpae guest pde 2007-04-19 18:39:26 +03:00
leds
macintosh drivers/macintosh/smu.c: fix locking snafu 2007-04-17 16:36:27 -07:00
mca
md [PATCH] md: fix calculation for size of filemap_attr array in md/bitmap 2007-04-12 15:31:42 -07:00
media [SK_BUFF]: Introduce skb_copy_from_linear_data{_offset} 2007-04-25 22:28:23 -07:00
message [SK_BUFF]: Introduce skb_copy_from_linear_data{_offset} 2007-04-25 22:28:23 -07:00
mfd [PATCH] drivers/mfd/sm501.c: fix an off-by-one 2007-04-02 10:06:08 -07:00
misc asus-laptop: make code static 2007-03-09 21:06:40 -05:00
mmc [ARM] 4256/1: i.MX/MX1 SDHC fix/workaround of SD card recognition problems 2007-03-12 16:49:37 +00:00
mtd [MTD] [OneNAND] Classify the page data and oob buffer 2007-03-09 08:08:09 +00:00
net [PPPOE]: memory leak when socket is release()d before PPPIOCGCHAN has been called on it 2007-04-25 22:29:20 -07:00
nubus
oprofile [PATCH] oprofile: fix potential deadlock on oprofilefs_lock 2007-03-28 13:58:02 -07:00
parisc [NET]: Inline net_device_stats 2007-04-25 22:28:26 -07:00
parport [PARPORT] SUNBPP: Fix OOPS when debugging is enabled. 2007-04-23 23:33:17 -07:00
pci Revert "adjust legacy IDE resource setting (v2)" 2007-04-23 23:19:36 +02:00
pcmcia [PATCH] omap_cf: oops-on-suspend fix 2007-04-08 19:47:55 -07:00
pnp [PATCH] Correctly report PnP 64bit resources 2007-04-02 10:06:08 -07:00
ps3 [PATCH] C99 initializers, proper use of const in drivers/ps3 2007-03-14 15:27:50 -07:00
rapidio
rtc [PATCH] rtc-cmos lockdep fix, irq updates 2007-04-02 10:06:09 -07:00
s390 [SK_BUFF]: Introduce skb_copy_to_linear_data{_offset} 2007-04-25 22:28:29 -07:00
sbus [SPARC] openprom: Switch to ref counting PCI API 2007-04-23 22:50:53 -07:00
scsi [NETLINK]: Switch cb_lock spinlock to mutex and allow to override it 2007-04-25 22:29:03 -07:00
serial 8250: fix possible deadlock between serial8250_handle_port() and serial8250_interrupt() 2007-04-24 08:23:09 -07:00
sh
sn
spi spi: fix use of set_cs in spi_s3c24xx driver 2007-04-17 16:36:27 -07:00
tc [PATCH] Fix build error on zs serial driver 2007-04-04 21:12:47 -07:00
telephony
usb [SK_BUFF]: Introduce skb_copy_to_linear_data{_offset} 2007-04-25 22:28:29 -07:00
video Fix spelling in drivers/video/Kconfig 2007-04-24 08:23:08 -07:00
w1
zorro
Kconfig
Makefile