[PATCH] tools/hv/hv_kvp_daemon.c: Netlink source address validation allows DoS

KY Srinivasan kys at microsoft.com
Tue Nov 6 15:30:34 UTC 2012



> -----Original Message-----
> From: Tomas Hozza [mailto:thozza at redhat.com]
> Sent: Tuesday, November 06, 2012 10:21 AM
> To: gregkh at linuxfoundation.org; linux-kernel at vger.kernel.org;
> devel at linuxdriverproject.org; apw at canonical.com; jasowang at redhat.com
> Cc: Olaf Hering; KY Srinivasan
> Subject: [PATCH] tools/hv/hv_kvp_daemon.c: Netlink source address validation
> allows DoS
> 
> Hi.
> 
> After discussion with KY Srinivasan and Olaf Hering I'm sending you
> a patch for the HyperV KVP daemon distributed in linux kernel
> "tools/hv/hv_kvp_daemon.c".
> 
> There is an issue in the current daemon source causing hyperv kvp daemon
> to exit when it processes a spoofed Netlink packet which has been sent
> from an untrusted local user.
> 
> This patch is fixing this, so now the Netlink messages with a non-zero
> nl_pid source address are just ignored.

You don't want to send the patch as an attachment.  Please send the patch
as part of the mail.

Regards,

K. Y
> 
> 
> Regards,
> 
> Tomas Hozza
> Associate Software Engineer
> BaseOS - Brno, CZ


More information about the devel mailing list