lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Fri, 5 Jul 2019 18:03:18 +0200
From:   Greg KH <greg@...ah.com>
To:     linux-kernel@...r.kernel.org
Cc:     gnault@...hat.com, stable-commits@...r.kernel.org
Subject: Re: Patch "netfilter: ipv6: nf_defrag: accept duplicate fragments
 again" has been added to the 4.19-stable tree

On Fri, Jul 05, 2019 at 10:04:20AM -0400, Sasha Levin wrote:
> This is a note to let you know that I've just added the patch titled
> 
>     netfilter: ipv6: nf_defrag: accept duplicate fragments again
> 
> to the 4.19-stable tree which can be found at:
>     http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
> 
> The filename of the patch is:
>      netfilter-ipv6-nf_defrag-accept-duplicate-fragments-.patch
> and it can be found in the queue-4.19 subdirectory.
> 
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@...r.kernel.org> know about it.
> 
> 
> 
> commit 447d05e723b06f8aa1a9cba0f7b4c0029924663c
> Author: Guillaume Nault <gnault@...hat.com>
> Date:   Thu Jun 6 18:04:00 2019 +0200
> 
>     netfilter: ipv6: nf_defrag: accept duplicate fragments again
>     
>     [ Upstream commit 8a3dca632538c550930ce8bafa8c906b130d35cf ]
>     
>     When fixing the skb leak introduced by the conversion to rbtree, I
>     forgot about the special case of duplicate fragments. The condition
>     under the 'insert_error' label isn't effective anymore as
>     nf_ct_frg6_gather() doesn't override the returned value anymore. So
>     duplicate fragments now get NF_DROP verdict.
>     
>     To accept duplicate fragments again, handle them specially as soon as
>     inet_frag_queue_insert() reports them. Return -EINPROGRESS which will
>     translate to NF_STOLEN verdict, like any accepted fragment. However,
>     such packets don't carry any new information and aren't queued, so we
>     just drop them immediately.
>     
>     Fixes: a0d56cb911ca ("netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments")
>     Signed-off-by: Guillaume Nault <gnault@...hat.com>
>     Signed-off-by: Pablo Neira Ayuso <pablo@...filter.org>
>     Signed-off-by: Sasha Levin <sashal@...nel.org>

Why not add this to 5.1.y as well?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ