NAK [OEM-5.10] Re: [SRU Bionic, Groovy, Focal/linux-oem-5.6, Focal/linux-oem-5.10 0/2] CVE-2021-23133

Timo Aaltonen tjaalton at
Thu Jun 3 07:54:18 UTC 2021

On 26.5.2021 18.11, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> When a SCTP socket fails to be created because of an attached BPF program, a
> race might cause a list to be corrupt.
> [Fix]
> A first fix was submitted and accepted but found to cause potential lockups.
> In kernels where this fix has been applied, it was reverted and the second
> fix was applied. In other kernels, only the second fix was applied.
> [Test]
> A reproducer for the list corruption was tested with slub_debug=FZP,SCTP,
> because that was the only condition where the corruption could be noticed.
> Also, the syzbot reproducer for the lockup was run, though there was no
> indication of a lockup on an unpatched kernel.
> [Potential regressions]
> SCTP asconf might fail to work properly, or lockups might happen when creating
> or destroying SCTP sockets.
> Xin Long (1):
>    Revert "net/sctp: fix race condition in sctp_destroy_sock"
>    sctp: delay auto_asconf init until binding the first addr
>   net/sctp/socket.c | 31 +++++++++++++++++--------------
>   1 file changed, 17 insertions(+), 14 deletions(-)

already applied via 5.10.37 (LP: #1930557)


More information about the kernel-team mailing list