Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Dismissed
(max. allowed matches exceeded)
created 3 weeks ago Activity log
  • Created & dismissed (max. allowed matches exceeded) suggestion
ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()

In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() In vti6_tnl_lookup(), when an exact match for a tunnel fails, the code falls back to searching for wildcard tunnels: - Tunnels matching the packet's local address, with any remote address wildcard remote). - Tunnels matching the packet's remote address, with any local address (wildcard local). However, vti6 stores all these different types of tunnels in the same hash table (ip6n->tnls_r_l) prone to hash collisions. The bug is that the fallback search loops in vti6_tnl_lookup() were missing checks to ensure that the candidate tunnel actually has a wildcard address.

Affected products

Linux
  • ==3.19
  • =<6.18.*
  • <c327fa4fca31415431202e063767a7ae342e19c6
  • <2abfb19bbb81958714ad1d43ebeb65b30394184b
  • =<6.1.*
  • <3.19
  • =<6.6.*
  • =<5.15.*
  • =<6.12.*
  • =<7.0.*
  • <fc657ac0767c49839b3ef0b08dc0953ca30883f8
  • <47fb3c2b4203556308e64354b3e78f2ce221d646
  • <2fc7bc087cc7085368263d9d37bfe9a0bddd6a2d
  • <90fd4513315ca07da99cfd8549d3e553a7160f0d
  • <f513f308cc4bdb4530d033431592ffbc29b7fca1
  • <a5c0359f5cbc51a2e2b114d6041e0f3c73f903e9
  • =<5.10.*
  • =<*