git://ftp.safe.ca / safe / jmp / linux-2.6 / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40a14de) | patch
e1000e: enhance frame fragment detection
authorJesse Brandeburg <jesse.brandeburg@intel.com>
Tue, 19 Jan 2010 14:15:59 +0000 (14:15 +0000)
committerDavid S. Miller <davem@davemloft.net>
Thu, 21 Jan 2010 00:21:23 +0000 (16:21 -0800)
commitb94b50289622e816adc9f94111cfc2679c80177c
tree9545a229c7ef2dbdcdc8300fd4d84ff3cafc7808tree | snapshot
parent40a14deaf411592b57cb0720f0e8004293ab9865commit | diff
e1000e: enhance frame fragment detection

Originally patched by Neil Horman <nhorman@tuxdriver.com>

e1000e could with a jumbo frame enabled interface, and packet split disabled,
receive a packet that would overflow a single rx buffer.  While in practice
very hard to craft a packet that could abuse this, it is possible.

this is related to CVE-2009-4538

Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/e1000e/e1000.h diff | blob | history
drivers/net/e1000e/netdev.c diff | blob | history
Full containers within linux kernel