]> git.dujemihanovic.xyz Git - u-boot.git/commit
net: nfs: Fix CVE-2022-30767 (old CVE-2019-14196)
authorAndrea zi0Black Cappa <zi0Black@protonmail.com>
Wed, 18 May 2022 16:30:08 +0000 (16:30 +0000)
committerTom Rini <trini@konsulko.com>
Thu, 26 May 2022 14:32:06 +0000 (10:32 -0400)
commitbdbf7a05e26f3c5fd437c99e2755ffde186ddc80
treeed0772cd40b66157b9c6a007d995b707f3941ef1
parent9e892ac27670e094ce4bade5a13b4d0e3a7c4da3
net: nfs: Fix CVE-2022-30767 (old CVE-2019-14196)

This patch mitigates the vulnerability identified via CVE-2019-14196.

The previous patch was bypassed/ineffective, and now the vulnerability
is identified via CVE-2022-30767. The patch removes the sanity check
introduced to mitigate CVE-2019-14196 since it's ineffective.
filefh3_length is changed to unsigned type integer, preventing negative
numbers from being used during comparison with positive values during
size sanity checks.

Signed-off-by: Andrea zi0Black Cappa <zi0Black@protonmail.com>
net/nfs.c