From: Eric Dumazet
Date: Fri, 1 Jun 2018 09:23:02 -0700
> syzbot was able to trick af_packet again [1]
:-(
> Various commits tried to address the problem in the past,
> but failed to take into account V3 header size.
>
> [1]
...
> Fixes: 2b6867c2ce76 ("net/packet: fix overflow in check for p
syzbot was able to trick af_packet again [1]
Various commits tried to address the problem in the past,
but failed to take into account V3 header size.
[1]
tpacket_rcv: packet too big, clamped from 72 to 4294967224. macoff=96
BUG: KASAN: use-after-free in prb_run_all_ft_ops net/packet/af_packet.c
