APPLIED [OEM-5.14/OEM-5.17] Re: [SRU F/OEM-5.14/J/OEM-5.17 PATCH 0/3] CVE-2021-33061

Timo Aaltonen tjaalton at ubuntu.com
Fri Aug 12 06:42:38 UTC 2022 

Cengiz Can kirjoitti 27.7.2022 klo 6.30:
> [Impact]
> Insufficient control flow management for the Intel(R) 82599 Ethernet
> Controllers and Adapters may allow an authenticated user to potentially
> enable denial of service via local access.
> 
> [Fix]
> Patches were first introduced to net-next and were pulled to upstream.
> 
> Break commit has not been clearly identified so it's assumed that
> it existed for a while.
> 
> "ixgbe: add improvement for MDD response functionality" is the actual
> fix to the issue. Last patch in the series checks a flag that was
> renamed in 5.17. After discussions, I decided to put an alias into the
> header and keep the fragments untouched.
> 
> [Test case]
> Compile and boot tested on KVM only. Since I don't have access to the
> target ethernet chip, testing scope was limited.
> 
> [Potential regression]
> The checks that were added by the author are new and target specific
> hardware IDs. Regression potential should be minimal.
> 
> The alias lines added to `mbx.h` (for < 5.17) should be removed if
> commit 0edbecd57057 ever lands in on our kernels.
> 
> Slawomir Mrozowicz (3):
>    ixgbe: add the ability for the PF to disable VF link state
>    ixgbe: add improvement for MDD response functionality
>    ixgbevf: add disable link state
> 
>   drivers/net/ethernet/intel/ixgbe/ixgbe.h      |   6 +
>   .../net/ethernet/intel/ixgbe/ixgbe_ethtool.c  |  21 ++
>   drivers/net/ethernet/intel/ixgbe/ixgbe_main.c |  39 +++-
>   drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h  |   2 +
>   .../net/ethernet/intel/ixgbe/ixgbe_sriov.c    | 207 ++++++++++++++----
>   .../net/ethernet/intel/ixgbe/ixgbe_sriov.h    |   4 +-
>   drivers/net/ethernet/intel/ixgbevf/ixgbevf.h  |   2 +
>   .../net/ethernet/intel/ixgbevf/ixgbevf_main.c |  11 +-
>   drivers/net/ethernet/intel/ixgbevf/mbx.h      |  12 +
>   drivers/net/ethernet/intel/ixgbevf/vf.c       |  42 ++++
>   drivers/net/ethernet/intel/ixgbevf/vf.h       |   1 +
>   11 files changed, 301 insertions(+), 46 deletions(-)
> 

applied to oem kernels, thanks

-- 
t

More information about the kernel-team mailing list