APPLIED[All but OEM-5.14]: [SRU K,HWE-5.17,J,OEM-5.14,F,B 0/3] CVE-2022-3567 // CVE-2022-3566

[Stefan Bader]

On 17.11.22 04:56, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Under some race conditions, a different sk_prot (specially when an IPv6
> socket is downgraded to IPv4) or a icsk_af_ops may be read.
> 
> [Backport]
> An extra pre-req also fixing such data races was applied. Some context
> has changed, new functions were introduced, other functions have been moved
> and some hooks were not called. That lead to this final backport.
> 
> [Potential regression]
> We may see failures and crashes on TCP and IPv6 workloads.
> 
> Eric Dumazet (1):
>    ipv6: annotate some data-races around sk->sk_prot
> 
> Kuniyuki Iwashima (2):
>    ipv6: Fix data races around sk->sk_prot.
>    tcp: Fix data races around icsk->icsk_af_ops.
> 
>   net/core/sock.c          |  6 ++++--
>   net/ipv4/af_inet.c       | 21 +++++++++++++++------
>   net/ipv4/tcp.c           | 10 ++++++----
>   net/ipv6/af_inet6.c      | 14 ++++++++++----
>   net/ipv6/ipv6_sockglue.c | 11 ++++++++---
>   net/ipv6/tcp_ipv6.c      |  6 ++++--
>   6 files changed, 47 insertions(+), 21 deletions(-)
> 

Applied to all but OEM-5.14. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20221121/1705f6a4/attachment.sig>