OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net
History
Zhang Changzhong fe915dbd0f can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM 
commit 164051a6ab5445bd97f719f50b16db8b32174269 upstream.

The TP.CM_BAM message must be sent to the global address [1], so add a
check to drop TP.CM_BAM sent to a non-global address.

Without this patch, the receiver will treat the following packets as
normal RTS/CTS transport:
18EC0102#20090002FF002301
18EB0102#0100000000000000
18EB0102#020000FFFFFFFFFF

[1] SAE-J1939-82 2015 A.3.3 Row 1.

Fixes: 9d71dd0c70 ("can: add support of SAE J1939 protocol")
Link: https://lore.kernel.org/all/1635431907-15617-4-git-send-email-zhangchangzhong@huawei.com
Cc: stable@vger.kernel.org
Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com>
Acked-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2021-12-08 09:01:08 +01:00
..
6lowpan 6lowpan: iphc: Fix an off-by-one check of array index 2021-09-15 09:47:31 +02:00
9p 9p/net: fix missing error check in p9_check_errors 2021-11-17 09:48:49 +01:00
802 net/802/garp: fix memleak in garp_request_join() 2021-07-31 08:19:38 +02:00
8021q net: vlan: fix underflow for the real_dev refcnt 2021-12-01 09:23:34 +01:00
appletalk appletalk: Fix skb allocation size in loopback case 2021-04-07 14:47:41 +02:00
atm atm: fix a memory leak of vcc->user_back 2020-10-01 13:17:58 +02:00
ax25 AX.25: Prevent integer overflows in connect and sendmsg 2020-07-31 18:39:31 +02:00
batman-adv batman-adv: Don't always reallocate the fragmentation skb head 2021-11-26 10:47:22 +01:00
bluetooth Bluetooth: fix init and cleanup of sco_conn.timeout_work 2021-11-17 09:48:33 +01:00
bpf bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN 2019-07-25 18:00:41 -07:00
bpfilter bpfilter: Specify the log level for the kmsg message 2021-07-14 16:53:33 +02:00
bridge net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() 2021-10-13 10:08:19 +02:00
caif net-caif: avoid user-triggerable WARN_ON(1) 2021-09-22 12:26:40 +02:00
can can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM 2021-12-08 09:01:08 +01:00
ceph libceph: clear con->out_msg on Policy::stateful_server faults 2020-11-05 11:43:34 +01:00
core net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE 2021-11-17 09:48:49 +01:00
dcb net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands 2021-01-23 15:57:59 +01:00
dccp dccp: don't duplicate ccid when cloning dccp sock 2021-09-22 12:26:40 +02:00
decnet net: decnet: Fix sleeping inside in af_decnet 2021-07-28 13:30:56 +02:00
dns_resolver KEYS: Don't write out to userspace while holding key semaphore 2020-04-23 10:36:45 +02:00
dsa net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup 2021-09-22 12:26:42 +02:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
hsr hsr: use netdev_err() instead of WARN_ONCE() 2021-05-14 09:44:10 +02:00
ieee802154 net: Fix memory leak in ieee802154_raw_deliver 2021-08-18 08:57:00 +02:00
ife net: Fix Kconfig indentation 2019-09-26 08:56:17 +02:00
ipv4 tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows 2021-12-01 09:23:33 +01:00
ipv6 net: ipv6: add fib6_nh_release_dsts stub 2021-12-01 09:23:33 +01:00
iucv net/af_iucv: remove WARN_ONCE on malformed RX packets 2021-03-07 12:20:42 +01:00
kcm kcm: disable preemption in kcm_parse_func_strparser() 2019-09-27 10:27:14 +02:00
key af_key: relax availability checks for skb size calculation 2021-02-13 13:52:54 +01:00
l2tp net/l2tp: Fix reference count leak in l2tp_udp_recv_core 2021-09-22 12:26:41 +02:00
l3mdev ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF 2019-06-23 13:24:17 -07:00
lapb net: lapb: Copy the skb before sending a packet 2021-02-10 09:25:28 +01:00
llc net: llc: fix skb_over_panic 2021-08-04 12:27:39 +02:00
mac80211 mac80211: check return value of rhashtable_init 2021-10-17 10:42:34 +02:00
mac802154 net: mac802154: Fix general protection fault 2021-04-14 08:24:18 +02:00
mpls net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 2021-03-17 17:03:31 +01:00
ncsi net/ncsi : Add payload to be 32-bit aligned to fix dropped packets 2021-12-01 09:23:33 +01:00
netfilter netfilter: ipvs: Fix reuse connection if RS weight is 0 2021-12-01 09:23:31 +01:00
netlabel net: fix NULL pointer reference in cipso_v4_doi_free 2021-09-22 12:26:36 +02:00
netlink netlink: annotate data races around nlk->bound 2021-10-13 10:08:19 +02:00
netrom netrom: Decrease sock refcount when sock timers expire 2021-07-28 13:30:56 +02:00
nfc NFC: add NCI_UNREG flag to eliminate the race 2021-12-01 09:23:35 +01:00
nsh treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
openvswitch ovs: clear skb->tstamp in forwarding path 2021-08-26 08:36:19 -04:00
packet net/packet: annotate accesses to po->ifindex 2021-06-30 08:47:48 -04:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
psample net: psample: fix skb_over_panic 2019-12-04 22:30:54 +01:00
qrtr net: qrtr: fix another OOB Read in qrtr_endpoint_post 2021-09-03 10:08:12 +02:00
rds net/rds: dma_map_sg is entitled to merge entries 2021-09-03 10:08:15 +02:00
rfkill rfkill: Fix use-after-free in rfkill_resume() 2020-11-24 13:29:05 +01:00
rose rose: Fix Null pointer dereference in rose_send_frame() 2020-12-08 10:40:23 +01:00
rxrpc rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies() 2021-11-17 09:48:34 +01:00
sched net: sched: act_mirred: drop dst for the direction from egress to ingress 2021-11-26 10:47:19 +01:00
sctp sctp: add vtag check in sctp_sf_ootb 2021-11-02 19:46:15 +01:00
smc net/smc: Don't call clcsock shutdown twice when smc shutdown 2021-12-01 09:23:34 +01:00
strparser bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-17 09:48:48 +01:00
sunrpc SUNRPC: Partial revert of commit 6f9f17287e78 2021-11-17 09:48:50 +01:00
switchdev net: switchdev: do not propagate bridge updates across bridges 2021-10-27 09:54:24 +02:00
tipc tipc: increase timeout in tipc_sk_enqueue() 2021-09-22 12:26:41 +02:00
tls net/tls: Fix flipped sign in async_wait.err assignment 2021-11-02 19:46:14 +01:00
unix af_unix: fix races in sk_peer_pid and sk_peer_cred accesses 2021-10-06 15:42:35 +02:00
vmw_vsock vsock: prevent unnecessary refcnt inc for nonblocking connect 2021-11-17 09:48:48 +01:00
wimax wimax: no need to check return value of debugfs_create functions 2019-08-10 15:25:47 -07:00
wireless cfg80211: call cfg80211_stop_ap when switch from P2P_GO type 2021-11-26 10:47:22 +01:00
x25 net/x25: Return the correct errno code 2021-06-18 09:59:00 +02:00
xdp xsk: Simplify detection of empty and full rings 2021-05-22 11:38:27 +02:00
xfrm xfrm: Fix error reporting in xfrm_state_construct. 2021-07-19 08:53:11 +02:00
Kconfig net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y, m} build 2020-04-01 11:02:18 +02:00
Makefile
compat.c net: Return the correct errno code 2021-06-18 09:59:00 +02:00
socket.c net: don't unconditionally copy_from_user a struct ifreq for socket ioctls 2021-09-03 10:08:16 +02:00
sysctl_net.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00