Bug 1277102 - ip neighbour segfaults if bad mac address is used
ip neighbour segfaults if bad mac address is used
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: iproute (Show other bugs)
6.7
Unspecified Unspecified
medium Severity medium
: rc
: ---
Assigned To: Phil Sutter
Jaroslav Aster
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-02 06:18 EST by Jaroslav Aster
Modified: 2016-05-10 20:20 EDT (History)
1 user (show)

See Also:
Fixed In Version: iproute-2.6.32-47.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1277094
Environment:
Last Closed: 2016-05-10 20:20:24 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jaroslav Aster 2015-11-02 06:18:43 EST
The same issue on rhel-6.

iproute-2.6.32-45.el6

+++ This bug was initially created as a clone of Bug #1277094 +++

Description of problem:

ip neighbour segfaults if bad mac address is used.

Version-Release number of selected component (if applicable):

iproute-3.10.0-54.el7

How reproducible:

100%

Steps to Reproduce:

# ip link add test-iface type dummy
# ip link set test-iface up
# ip neigh add 192.168.100.3 lladdr 00:c0:7b:7d:00:c10 dev test-iface nud reachable
"c10" is invalid lladdr.
Segmentation fault
# ip link del test-iface

Actual results:

There is segfaults.

Expected results:

No segfaults.

Additional info:
Comment 1 Phil Sutter 2015-11-02 10:22:53 EST
Successfully reproduced in my local RHEL6 VM.
Comment 3 Phil Sutter 2015-11-03 07:37:57 EST
The following upstream commit fixes the issue:

commit 542b0cc759c6d3456d16c05c886b367e1b2f1e73
Author: Stephen Hemminger <shemming@brocade.com>
Date:   Tue Jan 13 18:06:16 2015 -0800

    neighbor: check return values
    
    Need to check for invalid address and buffer overrun in ip neigh
    command with invalid paramters.
Comment 7 errata-xmlrpc 2016-05-10 20:20:24 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0895.html

Note You need to log in before you can comment on or make changes to this bug.