| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251215215119.63681-1-gyokhan@amazon.de>
Date: Mon, 15 Dec 2025 21:51:17 +0000
From: Gyokhan Kochmarla <gyokhan@...zon.de>
To: <stable@...r.kernel.org>
CC: <edumazet@...gle.com>, <davem@...emloft.net>, <dsahern@...nel.org>,
<kuba@...nel.org>, <pabeni@...hat.com>, <linux@...khan.com>,
<netdev@...r.kernel.org>, <horms@...nel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH 6.12.y 0/2] net: dst: Backport fix CVE-2025-40075
From: Gyokhan Kochmarla <gyokhan@...zon.com>
This patch series backports two commits from mainline to fix CVE-2025-40075,
a data race vulnerability in dst->dev access.
The first patch introduces dst->dev_rcu and dst_dev_net_rcu() helper to
provide proper RCU protection with lockdep support. The second patch uses
the new helper in tcp_metrics to eliminate unsafe dst_dev() calls.
These are clean cherry-picks from mainline commits:
- caedcc5b6df1 ("net: dst: introduce dst->dev_rcu")
- 50c127a69cd6 ("tcp_metrics: use dst_dev_net_rcu()")
Eric Dumazet (2):
net: dst: introduce dst->dev_rcu
tcp_metrics: use dst_dev_net_rcu()
include/net/dst.h | 16 +++++++++++-----
net/core/dst.c | 2 +-
net/ipv4/route.c | 4 ++--
net/ipv4/tcp_metrics.c | 6 +++---
4 files changed, 17 insertions(+), 11 deletions(-)
--
2.47.3
Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Geschaeftsfuehrung: Christof Hellmis, Andreas Stieger
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597
Powered by blists - more mailing lists