
Linux 2.4 Kernel MAC Module Filtering Bypassing Vulnerability

Solution:
This fix has been provided by Harald Welte, the Netfilter maintainer:

--- linux-2.4.9/net/ipv4/netfilter/ipt_mac.c Tue Oct 2 18:50:56 2001
+++ linux-2.4.9-ipt_mac-fix/net/ipv4/netfilter/ipt_mac.c Tue Oct 2 19:32:20 2001
@@ -20,7 +20,7 @@

/* Is mac pointer valid? */
return (skb->mac.raw >= skb->head
- && skb->mac.raw < skb->head + skb->len - ETH_HLEN
+ && (skb->mac.raw + ETH_HLEN) <= skb->data
/* If so, compare... */
&& ((memcmp(skb->mac.ethernet->h_source, info->srcaddr, ETH_ALEN)
== 0) ^ info->invert));
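Review bot: The comment above the changed bound still reads only "Is mac pointer valid?" and does not say why `skb->data` is now the limit instead of the length-based expression on the removed line. Suggest extending it to state that the full ETH_HLEN-byte header must lie between `skb->head` and `skb->data`, so that the outcome of the check no longer depends on `skb->len`. Separately, when the pointer check fails the whole expression evaluates to false regardless of `info->invert`, so a packet without a valid MAC header matches neither the plain rule nor the inverted one; if that is the intended behaviour, it should be documented next to the check.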

Copyright 2008, SecurityFocus