[PATCH 0/3][SRU][B] CVE-2019-3874 - SCTP Denial of Service

Tyler Hicks tyhicks at canonical.com
Thu Apr 18 07:50:09 UTC 2019


https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-3874

 The SCTP socket buffer used by a userspace application is not accounted by
 the cgroups subsystem. An attacker can use this flaw to cause a denial of
 service attack. Kernel 3.10.x and 4.18.x branches are believed to be
 vulnerable.

Non-trivial backporting effort. Build logs are clean. I've regression tested
these changes by moving 1 GiB of data using SCTP over the loopback interface.

Tyler

Xin Long (3):
  sctp: use sk_wmem_queued to check for writable space
  sctp: implement memory accounting on tx path
  sctp: implement memory accounting on rx path

 include/net/sctp/sctp.h |  2 +-
 net/sctp/sm_statefuns.c |  6 ++++--
 net/sctp/socket.c       | 44 +++++++++++++++-----------------------------
 net/sctp/ulpevent.c     | 19 ++++++++-----------
 net/sctp/ulpqueue.c     |  3 ++-
 5 files changed, 30 insertions(+), 44 deletions(-)

-- 
2.7.4



