DivestOS/Patches/Linux_CVEs/CVE-2016-7917/3.18/1.patch

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index e41bab3..daec7d6 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -321,10 +321,12 @@
 		nlh = nlmsg_hdr(skb);
 		err = 0;
 
-		if (nlmsg_len(nlh) < sizeof(struct nfgenmsg) ||
-		    skb->len < nlh->nlmsg_len) {
-			err = -EINVAL;
-			goto ack;
+		if (nlh->nlmsg_len < NLMSG_HDRLEN ||
+		    skb->len < nlh->nlmsg_len ||
+		    nlmsg_len(nlh) < sizeof(struct nfgenmsg)) {
+			nfnl_err_reset(&err_list);
+			success = false;
+			goto done;
 		}
 
 		/* Only requests are handled by the kernel */
Update Linux CVE patches 2017-10-29 22:14:37 -04:00			`diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c`
			`index e41bab3..daec7d6 100644`
			`--- a/net/netfilter/nfnetlink.c`
			`+++ b/net/netfilter/nfnetlink.c`
			`@@ -321,10 +321,12 @@`
			`nlh = nlmsg_hdr(skb);`
			`err = 0;`

			`- if (nlmsg_len(nlh) < sizeof(struct nfgenmsg) \|\|`
			`- skb->len < nlh->nlmsg_len) {`
			`- err = -EINVAL;`
			`- goto ack;`
			`+ if (nlh->nlmsg_len < NLMSG_HDRLEN \|\|`
			`+ skb->len < nlh->nlmsg_len \|\|`
			`+ nlmsg_len(nlh) < sizeof(struct nfgenmsg)) {`
			`+ nfnl_err_reset(&err_list);`
			`+ success = false;`
			`+ goto done;`
			`}`

			`/* Only requests are handled by the kernel */`