Re: [PATCH net] xfrm6: avoid potential infinite loop in _decode_session6()

2018-05-14 Thread Steffen Klassert
On Sun, May 13, 2018 at 08:23:49PM -0400, David Miller wrote:
> From: Eric Dumazet
> Date: Sat, 12 May 2018 02:49:30 -0700
>
> > syzbot found a way to trigger an infinite loop by overflowing
> > @offset variable that has been forced to use u16 for some very
> > obscure reason in the past.
> >
>

Re: [PATCH net] xfrm6: avoid potential infinite loop in _decode_session6()

2018-05-13 Thread David Miller
From: Eric Dumazet
Date: Sat, 12 May 2018 02:49:30 -0700

> syzbot found a way to trigger an infinite loop by overflowing
> @offset variable that has been forced to use u16 for some very
> obscure reason in the past.
>
> We probably want to look at NEXTHDR_FRAGMENT handling which looks
> wrong,