Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / busybox / 6c8161d69fe9fce0f862b678aaa84866aaaeff8f
commit6c8161d69fe9fce0f862b678aaa84866aaaeff8f[log] [tgz]
authorEric Andersen <andersen@codepoet.org>Wed May 05 07:05:32 2004 +0000
committerEric Andersen <andersen@codepoet.org>Wed May 05 07:05:32 2004 +0000
tree28ca3d47c5325c070ffc3e84b136d8bed02a328f
parent5ec58285c3990ebab9900295f1a1d32824338719 [diff]
Steve Grubb writes:

Hello,

Last November a bug was found in iproute. CAN-2003-0856 has more information.
Basically, netlink packets can come from any user. If a program performs action
based on netlink packets, they must be examined to make sure they came from the
place they are expected (the kernel).

Attached is a patch against pre8. Please apply this before releasing 1.00 final.
All users of busy box may be vulnerable to local attacks without it.

Best Regards,
Steve Grubb
1 file changed
tree: 28ca3d47c5325c070ffc3e84b136d8bed02a328f
  1. applets/
  2. archival/
  3. console-tools/
  4. coreutils/
  5. debian/
  6. debianutils/
  7. docs/
  8. editors/
  9. examples/
  10. findutils/
  11. include/
  12. init/
  13. libbb/
  14. libpwdgrp/
  15. loginutils/
  16. miscutils/
  17. modutils/
  18. networking/
  19. patches/
  20. procps/
  21. scripts/
  22. shell/
  23. sysdeps/
  24. sysklogd/
  25. testsuite/
  26. util-linux/
  27. .cvsignore
  28. .indent.pro
  29. AUTHORS
  30. Changelog
  31. INSTALL
  32. LICENSE
  33. Makefile
  34. README
  35. Rules.mak
  36. TODO