ACK: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/2] CVE-2022-4269
Tim Gardner
tim.gardner at canonical.com
Mon Aug 7 12:21:48 UTC 2023
On 8/4/23 11:27 AM, Yuxuan Luo wrote:
> [Impact]
> A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using
> a specific networking configuration (redirecting egress packets to ingress
> using TC action "mirred") a local unprivileged user could trigger a CPU
> soft lockup (ABBA deadlock) when the transport protocol in use (TCP or
> SCTP) does a retransmission, resulting in a denial of service condition.
>
> [Backport]
> For Jammy, there is a build error at `mirred_nest_level` not found. In order to
> fix this problem, backport 78dcdffe0418 (“net/sched: act_mirred: better
> wording on protection against excessive stack growth”), this commit renamed
> some variables, which solves the error of the fix commit.
>
> [Test]
> Compile and smoke tested via `sudo tc filter add dev dummy0 protocol ip
> pref 100 handle 100 flower`.
>
> [Potential Regression]
> Expecting really low potential regression as the two commits only
> refactor and add some checks.
>
> Davide Caratti (1):
> act_mirred: use the backlog for nested calls to mirred ingress
>
> net/sched/act_mirred.c | 7 +++
> .../selftests/net/forwarding/tc_actions.sh | 49 ++++++++++++++++++-
> 2 files changed, 55 insertions(+), 1 deletion(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list