Author: gordon Date: Tue May 12 16:55:32 2020 New Revision: 360975 URL: https://svnweb.freebsd.org/changeset/base/360975
Log: Fix improper checking in SCTP-AUTH shared key update. Approved by: so Security: FreeBSD-SA-20:14.sctp Security: CVE-2019-15878 Modified: releng/11.3/sys/netinet/sctp_auth.c Modified: releng/11.3/sys/netinet/sctp_auth.c ============================================================================== --- releng/11.3/sys/netinet/sctp_auth.c Tue May 12 16:54:39 2020 (r360974) +++ releng/11.3/sys/netinet/sctp_auth.c Tue May 12 16:55:32 2020 (r360975) @@ -521,7 +521,7 @@ sctp_insert_sharedkey(struct sctp_keyhead *shared_keys } else if (new_skey->keyid == skey->keyid) { /* replace the existing key */ /* verify this key *can* be replaced */ - if ((skey->deactivated) && (skey->refcount > 1)) { + if ((skey->deactivated) || (skey->refcount > 1)) { SCTPDBG(SCTP_DEBUG_AUTH1, "can't replace shared key id %u\n", new_skey->keyid); _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"