libceph: Fix NULL pointer dereference in auth client code - linux/linux-stable.git

diff options

author	Tyler Hicks <tyhicks@canonical.com>	2013-06-20 13:13:59 -0700
committer	Ben Hutchings <ben@decadent.org.uk>	2013-07-27 05:34:26 +0100
commit	88a4055704b39e5c67c9cbc837cc15ec6a6d8671 (patch)
tree	08d0d683c37094436403fa2c99e7e14ba752d0c1 /kernel/rtmutex-debug.h
parent	226f3aac00bdf3650b150b2fe9640c64b25aaaa8 (diff)

libceph: Fix NULL pointer dereference in auth client code

commit 2cb33cac622afde897aa02d3dcd9fbba8bae839e upstream. A malicious monitor can craft an auth reply message that could cause a NULL function pointer dereference in the client's kernel. To prevent this, the auth_none protocol handler needs an empty ceph_auth_client_ops->build_request() function. CVE-2013-1059 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Reported-by: Chanam Park <chanam.park@hkpco.kr> Reviewed-by: Seth Arnold <seth.arnold@canonical.com> Reviewed-by: Sage Weil <sage@inktank.com> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Diffstat (limited to 'kernel/rtmutex-debug.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: