net: openvswitch: fix nested key length validation in the set() action (65d91192) · Commits · linux-arm / linux-sh

Commit 65d91192 authored Apr 12, 2025 by Ilya Maximets Committed by Jakub Kicinski Apr 14, 2025

net: openvswitch: fix nested key length validation in the set() action



It's not safe to access nla_len(ovs_key) if the data is smaller than
the netlink header.  Check that the attribute is OK first.

Fixes: ccb1352e ("net: Add Open vSwitch kernel components.")
Reported-by:  <syzbot+b07a9da40df1576b8048@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=b07a9da40df1576b8048


Tested-by:  <syzbot+b07a9da40df1576b8048@syzkaller.appspotmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Reviewed-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Link: https://patch.msgid.link/20250412104052.2073688-1-i.maximets@ovn.org


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent 186e5888

Hide whitespace changes

Inline Side-by-side

Please register or to comment