APPLIED: [PATCH 0/4][SRU][D] CVE-2019-3900: vhost DoS
Khaled Elmously
khalid.elmously at canonical.com
Mon Aug 12 17:25:30 UTC 2019
On 2019-08-08 04:43:31 , Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3900.html
>
> An infinite loop issue was found in the vhost_net kernel module in
> Linux Kernel up to and including v5.1-rc6, while handling incoming
> packets in handle_rx(). It could occur if one end sends packets faster
> than the other end can process them. A guest user, maybe remote one,
> could use this flaw to stall the vhost_net kernel thread, resulting in
> a DoS scenario.
>
> All clean cherry picks. Build logs are clean. I tested with netperf's
> TCP_RR test, initiated from both the host and the guest, to ensure that
> the vhost-net connection was stable and that performance was similar
> before and after the patches were applied.
>
> Tyler
>
> Jason Wang (4):
> vhost: introduce vhost_exceeds_weight()
> vhost_net: fix possible infinite loop
> vhost: vsock: add weight support
> vhost: scsi: add weight support
>
> drivers/vhost/net.c | 41 ++++++++++++++---------------------------
> drivers/vhost/scsi.c | 21 ++++++++++++++-------
> drivers/vhost/vhost.c | 20 +++++++++++++++++++-
> drivers/vhost/vhost.h | 5 ++++-
> drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
> 5 files changed, 72 insertions(+), 43 deletions(-)
>
> --
> 2.7.4
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list