On 20/10/2022 17.32, Artur Łącki wrote:
> I tested these patches with my exploit. At the moment it looks like the
> vulnerability has been fixed.
Thanks for testing. Can I/we add a "Tested-by: Artur Łącki
"?
Rasmus
I tested these patches with my exploit. At the moment it looks like the
vulnerability has been fixed.
I found this problem while porting a security patch to my uboot. I've
created a PoC exploit which can hang uboot during ping command (even with
commit b85d130ea0cac152c21ec38ac9417b31d41b5552). In my case changing:
if (ip->ip_len < IP_MIN_FRAG_DATAGRAM_SIZE)
to:
if (ntohs(ip->ip_len) <
3 matches
Mail list logo