On Wed, Mar 15, 2023 at 05:11:01PM +0800, Faicker Mo wrote:
> Derivation cases of CVE-2020-35498:
> 1. invalid ipv4 header total-length field
> 2. invalid ipv6 header payload-length field
> These may cause unwanted flow to send to datapath.
>
>
> Signed-off-by: Faicker Mo
Hi Faiker,
This
(no L3) will drop the valid L3 packet.
So this fix does as the kernel datapath does.
From: Flavio Leitner
Date: 2023-03-27 23:26:27
To: Simon Horman
Cc: Faicker Mo ,d...@openvswitch.org,Ilya Maximets
Subject: Re: [ovs-dev] [PATCH] flow: fix sanity check for unexpected ip header
length
On Mon, Mar 27, 2023 at 03:34:52PM +0200, Simon Horman wrote:
> On Wed, Mar 15, 2023 at 05:11:01PM +0800, Faicker Mo wrote:
> > Derivation cases of CVE-2020-35498:
> > 1. invalid ipv4 header total-length field
> > 2. invalid ipv6 header payload-length field
> > These may cause unwanted flow to
On Wed, Mar 15, 2023 at 05:11:01PM +0800, Faicker Mo wrote:
> Derivation cases of CVE-2020-35498:
> 1. invalid ipv4 header total-length field
> 2. invalid ipv6 header payload-length field
> These may cause unwanted flow to send to datapath.
>
>
> Signed-off-by: Faicker Mo
I think the immediate
Derivation cases of CVE-2020-35498:
1. invalid ipv4 header total-length field
2. invalid ipv6 header payload-length field
These may cause unwanted flow to send to datapath.
Signed-off-by: Faicker Mo
---
lib/flow.c | 11 +--
tests/classifier.at | 42
