ACK: [SRU][J/F][PATCH v2 0/1] CVE-2024-44940
Guoqing Jiang
guoqing.jiang at canonical.com
Wed Oct 9 07:19:53 UTC 2024
Acked-by: Guoqing Jiang <guoqing.jiang at canonical.com>
On 10/9/24 01:38, Bethany Jamison wrote:
> [Impact]
>
> Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is
> not known or does not have a GRO handler. Such a packet is easily
> constructed. Syzbot generates them and sets off this warning. Remove
> the warning as it is expected and not actionable.
>
> [Fix]
>
> Noble: applied via stable team
> Jammy: Clean cherry-pick from linux-6.1.y
> Focal: Backport from linux-6.1.y - kept 'goto out_unlock' instead of
> 'goto out', avoided adding commit
> fc1ca3348a74a1afaa7ffebc2b2f2cc149e11278
> Bionic: pending (4.15.0-230.242)
> Xenial: pending (4.4.0-260.294)
> Trusty: not-affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use FOU (Foo-over-UDP), an issue with this
> fix would be visible to the user via continued excessive warnings from
> 'gue_gro_recieve'.
>
> v2: My Jammy patch in v1 was incorrect, I believed that Jammy was missing
> commit fc1ca3348a74a1afaa7ffebc2b2f2cc149e11278 like Focal, and so I
> manually backported 'goto out_unlock' instead of using 'goto out'.
> Additionally, between v1 and v2 the fix commit was applied to Noble
> via the stable team, so I did not include a patch for Noble in v2.
>
> Willem de Bruijn (1):
> fou: remove warn in gue_gro_receive on unsupported protocol
>
> net/ipv4/fou.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
More information about the kernel-team
mailing list