HomeFreeBSD
Diffusion FreeBSD src repository 10eb2a2bde61

ipsec: Validate the protocol identifier in ipsec4_ctlinput()
10eb2a2bde61
Actions

Description

ipsec: Validate the protocol identifier in ipsec4_ctlinput()

key_allocsa() expects to handle only IPSec protocols and has an
assertion to this effect. However, ipsec4_ctlinput() has to handle
messages from ICMP unreachable packets and was not validating the
protocol number. In practice such a packet would simply fail to match
any SADB entries and would thus be ignored.

Reported by: syzbot+6a9ef6fcfadb9f3877fe@syzkaller.appspotmail.com
Reviewed by: ae
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31890

Details

Provenance
markjAuthored on Sep 10 2021, 1:07 PM
Reviewer
ae
Differential Revision
D31890: ipsec: Validate the protocol identifier in ipsec4_ctlinput()
Parents
rGb1e6a792d68e: net: Enter a net epoch around protocol if_up/down notifications
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
netipsec/

rG10eb2a2bde61

View Options

sys/netipsec/ipsec_input.c

Loading...