APPLIED: [PATCH 0/2][SRU][D] CVE-2019-3874 - SCTP Denial of Service
Kleber Souza
kleber.souza at canonical.com
Tue Apr 23 14:57:28 UTC 2019
On 4/18/19 9:49 AM, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-3874
>
> The SCTP socket buffer used by a userspace application is not accounted by
> the cgroups subsystem. An attacker can use this flaw to cause a denial of
> service attack. Kernel 3.10.x and 4.18.x branches are believed to be
> vulnerable.
>
> Clean cherry picks. Build logs are clean. I've regression tested these changes
> by moving 1 GiB of data using SCTP over the loopback interface.
>
> Tyler
>
> Xin Long (2):
>   sctp: implement memory accounting on tx path
>   sctp: implement memory accounting on rx path
>
>  include/net/sctp/sctp.h |  2 +-
>  net/sctp/sm_statefuns.c |  6 ++++--
>  net/sctp/socket.c       | 10 ++++++++--
>  net/sctp/ulpevent.c     | 19 ++++++++-----------
>  net/sctp/ulpqueue.c     |  3 ++-
>  5 files changed, 23 insertions(+), 17 deletions(-)
>
Applied to disco/master-next branch.
Thanks,
Kleber