[SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/2] CVE-2022-4269
Yuxuan Luo
yuxuan.luo at canonical.com
Fri Aug 4 17:27:33 UTC 2023
[Impact]
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using
a specific networking configuration (redirecting egress packets to ingress
using TC action "mirred") a local unprivileged user could trigger a CPU
soft lockup (ABBA deadlock) when the transport protocol in use (TCP or
SCTP) does a retransmission, resulting in a denial of service condition.
[Backport]
For Jammy, there is a build error at `mirred_nest_level` not found. In order to
fix this problem, backport 78dcdffe0418 (“net/sched: act_mirred: better
wording on protection against excessive stack growth”), this commit renamed
some variables, which solves the error of the fix commit.
[Test]
Compile and smoke tested via `sudo tc filter add dev dummy0 protocol ip
pref 100 handle 100 flower`.
[Potential Regression]
Expecting really low potential regression as the two commits only
refactor and add some checks.
Davide Caratti (1):
act_mirred: use the backlog for nested calls to mirred ingress
net/sched/act_mirred.c | 7 +++
.../selftests/net/forwarding/tc_actions.sh | 49 ++++++++++++++++++-
2 files changed, 55 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list