[PATCH 0/4][SRU][D] CVE-2019-3900: vhost DoS

Tyler Hicks tyhicks at canonical.com
Thu Aug 8 04:43:31 UTC 2019


https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3900.html

 An infinite loop issue was found in the vhost_net kernel module in
 Linux Kernel up to and including v5.1-rc6, while handling incoming
 packets in handle_rx(). It could occur if one end sends packets faster
 than the other end can process them. A guest user, maybe remote one,
 could use this flaw to stall the vhost_net kernel thread, resulting in
 a DoS scenario.

All clean cherry picks. Build logs are clean. I tested with netperf's
TCP_RR test, initiated from both the host and the guest, to ensure that
the vhost-net connection was stable and that performance was similar
before and after the patches were applied.

Tyler

Jason Wang (4):
  vhost: introduce vhost_exceeds_weight()
  vhost_net: fix possible infinite loop
  vhost: vsock: add weight support
  vhost: scsi: add weight support

 drivers/vhost/net.c   | 41 ++++++++++++++---------------------------
 drivers/vhost/scsi.c  | 21 ++++++++++++++-------
 drivers/vhost/vhost.c | 20 +++++++++++++++++++-
 drivers/vhost/vhost.h |  5 ++++-
 drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
 5 files changed, 72 insertions(+), 43 deletions(-)

-- 
2.7.4




More information about the kernel-team mailing list