lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Thu, 09 Nov 2017 14:08:08 +0900 (KST)
From:   David Miller <davem@...emloft.net>
To:     torvalds@...ux-foundation.org
CC:     akpm@...ux-foundation.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [GIT] Networking


1) Fix use-after-free in IPSEC input parsing, desintation address
   pointer was loaded before pskb_may_pull() which can change the
   SKB data pointers.  From Florian Westphal.

2) Stack out-of-bounds read in xfrm_state_find(), from Steffen
   Klassert.

3) IPVS state of SKB is not properly reset when moving between
   namespaces, from Ye Yin.

4) Fix crash in asix driver suspend and resume, from Andrey Konovalov.

5) Don't deliver ipv6 l2tp tunnel packets to ipv4 l2tp tunnels, and
   vice versa, from Guillaume Nault.

6) Fix DSACK undo on non-dup ACKs, from Priyaranjan Jha.

7) Fix regression in bond_xmit_hash()'s behavior after the TCP port
   selection changes back in 4.2, from Hangbin Liu.

8) Two divide by zero bugs in USB networking drivers when parsing
   descriptors, from Bjorn Mork.

9) Fix bonding slaves being stuck in BOND_LINK_FAIL state, from Jay
   Vosburgh.

10) Missing skb_reset_mac_header() in qmi_wwan, from Kristian Evensen.

11) Fix the destruction of tc action object races properly, from
    Cong Wang.

Please pull, thanks a lot!

The following changes since commit d4c2e9fca5b7db8d315d93a072e65d0847f8e0c5:

  Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux (2017-11-03 13:56:15 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 

for you to fetch changes up to 6a17280247458ac2c302200e2d6ae36656f75bc6:

  Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec (2017-11-09 10:58:35 +0900)

----------------------------------------------------------------
Andrey Konovalov (2):
      net: usb: asix: fill null-ptr-deref in asix_suspend
      net: usb: asix: fill null-ptr-deref in asix_suspend

Bjorn Andersson (1):
      qrtr: Move to postcore_initcall

Bjørn Mork (2):
      net: cdc_ether: fix divide by 0 on bad descriptors
      net: qmi_wwan: fix divide by 0 on bad descriptors

Cong Wang (13):
      Revert "net_sched: hold netns refcnt for each action"
      net_sched: introduce tcf_exts_get_net() and tcf_exts_put_net()
      cls_basic: use tcf_exts_get_net() before call_rcu()
      cls_bpf: use tcf_exts_get_net() before call_rcu()
      cls_cgroup: use tcf_exts_get_net() before call_rcu()
      cls_flow: use tcf_exts_get_net() before call_rcu()
      cls_flower: use tcf_exts_get_net() before call_rcu()
      cls_fw: use tcf_exts_get_net() before call_rcu()
      cls_matchall: use tcf_exts_get_net() before call_rcu()
      cls_route: use tcf_exts_get_net() before call_rcu()
      cls_rsvp: use tcf_exts_get_net() before call_rcu()
      cls_tcindex: use tcf_exts_get_net() before call_rcu()
      cls_u32: use tcf_exts_get_net() before call_rcu()

David S. Miller (3):
      Revert "net: usb: asix: fill null-ptr-deref in asix_suspend"
      Merge branch 'net-sched-race-fix'
      Merge branch 'master' of git://git.kernel.org/.../klassert/ipsec

Florian Westphal (2):
      xfrm: defer daddr pointer assignment after spi parsing
      xfrm: do unconditional template resolution before pcpu cache check

Ganesh Goudar (1):
      cxgb4: update latest firmware version supported

Guillaume Nault (1):
      l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6

Gustavo A. R. Silva (1):
      net/mlx5e/core/en_fs: fix pointer dereference after free in mlx5e_execute_l2_action

Hangbin Liu (1):
      bonding: discard lowest hash bit for 802.3ad layer3+4

Jay Vosburgh (1):
      bonding: fix slave stuck in BOND_LINK_FAIL state

Kristian Evensen (1):
      qmi_wwan: Add missing skb_reset_mac_header-call

Marc Zyngier (1):
      net: mvpp2: Prevent userspace from changing TX affinities

Priyaranjan Jha (1):
      tcp: fix DSACK-based undo on non-duplicate ACK

Steffen Klassert (1):
      xfrm: Fix stack-out-of-bounds read in xfrm_state_find.

Ye Yin (1):
      netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed

 drivers/net/bonding/bond_main.c                   |  3 ++-
 drivers/net/ethernet/chelsio/cxgb4/t4fw_version.h |  6 +++---
 drivers/net/ethernet/marvell/mvpp2.c              |  4 ++++
 drivers/net/ethernet/mellanox/mlx5/core/en_fs.c   | 13 ++++++++-----
 drivers/net/usb/asix_devices.c                    |  4 ++--
 drivers/net/usb/cdc_ether.c                       |  2 +-
 drivers/net/usb/qmi_wwan.c                        |  3 ++-
 include/linux/skbuff.h                            |  7 +++++++
 include/net/act_api.h                             |  4 +---
 include/net/pkt_cls.h                             | 24 ++++++++++++++++++++++++
 net/core/skbuff.c                                 |  1 +
 net/ipv4/tcp_input.c                              |  2 +-
 net/l2tp/l2tp_ip.c                                | 24 +++++++++---------------
 net/l2tp/l2tp_ip6.c                               | 24 +++++++++---------------
 net/qrtr/qrtr.c                                   |  2 +-
 net/sched/act_api.c                               |  2 --
 net/sched/act_bpf.c                               |  2 +-
 net/sched/act_connmark.c                          |  2 +-
 net/sched/act_csum.c                              |  2 +-
 net/sched/act_gact.c                              |  2 +-
 net/sched/act_ife.c                               |  2 +-
 net/sched/act_ipt.c                               |  4 ++--
 net/sched/act_mirred.c                            |  2 +-
 net/sched/act_nat.c                               |  2 +-
 net/sched/act_pedit.c                             |  2 +-
 net/sched/act_police.c                            |  2 +-
 net/sched/act_sample.c                            |  2 +-
 net/sched/act_simple.c                            |  2 +-
 net/sched/act_skbedit.c                           |  2 +-
 net/sched/act_skbmod.c                            |  2 +-
 net/sched/act_tunnel_key.c                        |  2 +-
 net/sched/act_vlan.c                              |  2 +-
 net/sched/cls_api.c                               |  1 +
 net/sched/cls_basic.c                             | 20 +++++++++++++++-----
 net/sched/cls_bpf.c                               |  7 ++++++-
 net/sched/cls_cgroup.c                            | 24 ++++++++++++++++++------
 net/sched/cls_flow.c                              | 24 ++++++++++++++++++------
 net/sched/cls_flower.c                            | 16 +++++++++++++---
 net/sched/cls_fw.c                                | 17 ++++++++++++++---
 net/sched/cls_matchall.c                          | 15 ++++++++++++---
 net/sched/cls_route.c                             | 17 ++++++++++++++---
 net/sched/cls_rsvp.h                              | 15 ++++++++++++---
 net/sched/cls_tcindex.c                           | 33 ++++++++++++++++++++++++++-------
 net/sched/cls_u32.c                               |  8 +++++++-
 net/xfrm/xfrm_input.c                             |  4 ++--
 net/xfrm/xfrm_policy.c                            | 71 +++++++++++++++++++++++++++++++++++-----------------------------------
 46 files changed, 285 insertions(+), 146 deletions(-)

Powered by blists - more mailing lists