[Trusty SRU][CVE-2016-8632][PATCH 0/1] Fix for CVE-2016-8632

Kleber Sacilotto de Souza kleber.souza at canonical.com
Wed Sep 6 12:02:07 UTC 2017


Notes:
 - Only Trusty is missing this fix.
 - The macros MAX_H_SIZE and INT_H_SIZE were duplicated to avoid mutual header
   inclusion (as done by bwh on the backport for 3.16).
 - Trusty doesn't have e4d050cb (tipc: eliminate code duplication in media
   layer), so the bearer changes needed to be duplicated for eth and ib media.
 - UDP media is not supported, so the changes to udp_media.c can be dropped.
    
Test results:

I created a dummy eth device, loaded the tipc module and used tipc-config to
configure it:

$ sudo tipc-config -netid=1234 -a=1.1.8 -be=eth:dummy0

then changed the MTU of the dummy interface (min is 100):

$ sudo ifconfig dummy0 mtu 1400
$ sudo ifconfig dummy0 mtu 99

Before:
$ dmesg | tail
[   72.021051] tipc: Activated (version 2.0.0)
[   72.022581] NET: Registered protocol family 30
[   72.023598] tipc: Started in single node mode
[   74.852438] tipc: Started in network mode
[   74.852451] tipc: Own node address <1.1.8>, network identity 1234
[   74.852596] tipc: Enabled bearer <eth:dummy0>, discovery domain <1.1.0>, priority 10
[  119.564731] tipc: Blocking bearer <eth:dummy0>
[  130.921262] tipc: Blocking bearer <eth:dummy0>

After:
[ 3257.082536] tipc: Activated (version 2.0.0)
[ 3257.083965] NET: Registered protocol family 30
[ 3257.084822] tipc: Started in single node mode
[ 3305.372639] tipc: Started in network mode
[ 3305.372652] tipc: Own node address <1.1.8>, network identity 1234
[ 3305.372856] tipc: Enabled bearer <eth:dummy0>, discovery domain <1.1.0>, priority 10
[ 3337.591294] tipc: Blocking bearer <eth:dummy0>
[ 3341.842949] dummy0: MTU too low for tipc bearer
[ 3341.842960] tipc: Disabling bearer <eth:dummy0>

Kleber

Michal Kubeček (1):
  tipc: check minimum bearer MTU

 net/tipc/bearer.h    | 16 ++++++++++++++++
 net/tipc/eth_media.c | 11 +++++++++--
 net/tipc/ib_media.c  | 11 +++++++++--
 3 files changed, 34 insertions(+), 4 deletions(-)

-- 
2.14.1





More information about the kernel-team mailing list