[SRU][J/F][PATCH v2 0/1] CVE-2024-44940
Bethany Jamison
bethany.jamison at canonical.com
Tue Oct 8 17:38:49 UTC 2024
[Impact]
Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is
not known or does not have a GRO handler. Such a packet is easily
constructed. Syzbot generates them and sets off this warning. Remove
the warning as it is expected and not actionable.
[Fix]
Noble: applied via stable team
Jammy: Clean cherry-pick from linux-6.1.y
Focal: Backport from linux-6.1.y - kept 'goto out_unlock' instead of
'goto out', avoided adding commit
fc1ca3348a74a1afaa7ffebc2b2f2cc149e11278
Bionic: pending (4.15.0-230.242)
Xenial: pending (4.4.0-260.294)
Trusty: not-affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
This fix affects those who use FOU (Foo-over-UDP), an issue with this
fix would be visible to the user via continued excessive warnings from
'gue_gro_recieve'.
v2: My Jammy patch in v1 was incorrect, I believed that Jammy was missing
commit fc1ca3348a74a1afaa7ffebc2b2f2cc149e11278 like Focal, and so I
manually backported 'goto out_unlock' instead of using 'goto out'.
Additionally, between v1 and v2 the fix commit was applied to Noble
via the stable team, so I did not include a patch for Noble in v2.
Willem de Bruijn (1):
fou: remove warn in gue_gro_receive on unsupported protocol
net/ipv4/fou.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list