ACK: [PATCH 0/2][SRU][D/E] CVE-2019-11683: UDP GRO Denial-of-Service
Steve Beattie
sbeattie at ubuntu.com
Fri May 3 18:53:55 UTC 2019
On Fri, May 03, 2019 at 05:22:51PM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11683.html
>
> udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x
> through 5.0.11 allows remote attackers to cause a denial of service
> (slab-out-of-bounds memory corruption) or possibly have unspecified other
> impact via UDP packets with a 0 payload, because of mishandling of padded
> packets, aka the "GRO packet of death" issue.
>
> Clean cherry picks and build log. I've verified that the syzbot reproducer
> crashes the 5.0.0-13.14 Disco kernel but not once these fixes are applied. I've
> also regression tested with the udpgso.sh, udpgso_bench.sh, udpgro_bench.sh,
> and udpgro.sh net selftests.
>
> Tyler
>
> Eric Dumazet (1):
> udp: fix GRO packet of death
>
> Paolo Abeni (1):
> udp: fix GRO reception in case of length mismatch
+1 from me. Thanks!
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20190503/1e8c259c/attachment.sig>
More information about the kernel-team
mailing list