kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

EUVD-2022-55833

In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in struct sock is int, and in tcpaddbacklog, the variable limit is caculated by adding skrcvbuf, sksndbuf and 64 1024, it may exceed the ma...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an integer overflow in the tcpaddbacklog function, which could lead to a buffer overflow...

GSD-2022-1006628 tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

tcp: fix a signed-integer-overflow bug in tcpaddbacklog This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...