[SRU][M][PATCH 0/8] Fix for CVE-2024-2658{2,3,4,5}

Juerg Haefliger juerg.haefliger at canonical.com
Mon Mar 25 10:32:52 UTC 2024


This patch series fixes the following CVEs:
CVE-2024-26582
CVE-2024-26583
CVE-2024-26584
CVE-2024-26585

The patches are all cherry-picks from stable v6.6 so should eventually come in
via an Ubuntu stable update.

Test case:
1) Enable async crypto:
   $ modprobe tcrypt alg="pcrypt(generic-gcm-aesni)" type=3
2) Enable TLS function tracing:
   $ echo function_graph > /sys/kernel/tracing/current_tracer
   $ echo 'tls_*:mod:tls' > /sys/kernel/tracing/set_ftrace_filter
3) Run TLS kernel selftests from v6.8:
   $ ./linux-6.8/tools/testing/selftests/net/tls
4) Verify:
   - No call traces in the kernel log
   - All modified TLS functions were called
   - No additional unexpected TLS test failures

Note that the above test does *not* verify that the CVEs are actually fixed
but merely tries to ensure that the kernel doesn't blow up when exercising
the modified code paths.

Jakub Kicinski (5):
  net: tls: factor out tls_*crypt_async_wait()
  tls: fix race between async notify and socket close
  tls: fix race between tx work scheduling and socket close
  net: tls: handle backlogging of crypto requests
  net: tls: fix returned read length with async decrypt

John Fastabend (1):
  net: tls, fix WARNIING in __sk_msg_free

Sabrina Dubroca (2):
  tls: extract context alloc/initialization out of tls_set_sw_offload
  net: tls: fix use-after-free with partial reads and async decrypt

 include/net/tls.h |   5 --
 net/tls/tls_sw.c  | 223 ++++++++++++++++++++++++----------------------
 2 files changed, 116 insertions(+), 112 deletions(-)

-- 
2.40.1
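The "Verify" step of the test case above, scripted as an added example; it is not part of the original message or of the patch series. It works on saved copies of the kernel log and of /sys/kernel/tracing/trace. The helper names, the sample captures and the expected-function list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: step 4 ("Verify") run against saved captures of the kernel
# log and of /sys/kernel/tracing/trace. All sample data below is constructed.

# Succeeds if the kernel log capture contains a splat marker.
has_call_trace() {
    grep -Eq 'Call Trace:|WARNING: CPU|BUG: ' "$1"
}

# Prints the unique function names found in function_graph output, where
# entries look like "tls_foo [tls]() {" (nested) or "tls_bar [tls]();" (leaf).
traced_functions() {
    grep -oE '[A-Za-z_][A-Za-z0-9_]*( \[[a-z0-9_]+\])?\(\)' "$1" |
        sed -E 's/( \[[a-z0-9_]+\])?\(\)$//' | sort -u
}

# Prints each expected function (args 2..n) that never shows up in trace $1.
missing_functions() {
    trace=$1; shift
    seen=$(traced_functions "$trace")
    for fn in "$@"; do
        printf '%s\n' "$seen" | grep -qxF "$fn" || printf '%s\n' "$fn"
    done
}

# Constructed captures: a clean kernel log and a short trace excerpt.
write_samples() {
    cat > "$1/dmesg.txt" <<'EOF'
[  101.000001] sample: constructed log line
[  140.000002] sample: constructed log line, no splat
EOF
    cat > "$1/trace.txt" <<'EOF'
 0)               |  tls_set_sw_offload [tls]() {
 0) + 11.200 us   |  }
 1)   0.380 us    |  tls_decrypt_async_wait [tls]();
EOF
}

demo() {
    dir=$(mktemp -d) && write_samples "$dir"
    # Assumed list: tls_set_sw_offload is named in a patch title; the two
    # *_async_wait names expand the tls_*crypt_async_wait() pattern.
    if has_call_trace "$dir/dmesg.txt"; then echo "FAIL: call trace"; fi
    missing_functions "$dir/trace.txt" tls_set_sw_offload \
        tls_decrypt_async_wait tls_encrypt_async_wait | sed 's/^/not called: /'
    rm -rf "$dir"
}
demo
```

A function reported as "not called" may simply be untraceable (for example inlined by the compiler); check that it is listed in /sys/kernel/tracing/available_filter_functions before treating the result as a coverage gap.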



