APPLIED/cmnt: [SRU Bionic, Groovy, Focal/linux-oem-5.6, Focal/linux-oem-5.10 0/2] CVE-2021-23133
Kleber Souza
kleber.souza at canonical.com
Thu May 27 08:42:38 UTC 2021
On 26.05.21 17:11, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> When a SCTP socket fails to be created because of an attached BPF program, a
> race might cause a list to be corrupt.
>
> [Fix]
> A first fix was submitted and accepted but found to cause potential lockups.
> In kernels where this fix has been applied, it was reverted and the second
> fix was applied. In other kernels, only the second fix was applied.
>
> [Test]
> A reproducer for the list corruption was tested with slub_debug=FZP,SCTP,
> because that was the only condition where the corruption could be noticed.
> Also, the syzbot reproducer for the lockup was run, though there was no
> indication of a lockup on an unpatched kernel.
>
> [Potential regressions]
> SCTP asconf might fail to work properly, or lockups might happen when creating
> or destroying SCTP sockets.
>
> Xin Long (1):
> Revert "net/sctp: fix race condition in sctp_destroy_sock"
> sctp: delay auto_asconf init until binding the first addr
>
> net/sctp/socket.c | 31 +++++++++++++++++--------------
> 1 file changed, 17 insertions(+), 14 deletions(-)
>
Applied to bionic:linux and groovy:linux.
Just to make sure, this isn't needed for focal:linux?
Thanks,
Kleber
More information about the kernel-team
mailing list