lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 16 Oct 2019 16:26:50 +0100
From:   Edward Cree <ecree@...arflare.com>
To:     David Miller <davem@...emloft.net>
CC:     <lucien.xin@...il.com>, <netdev@...r.kernel.org>,
        <linux-sctp@...r.kernel.org>, <marcelo.leitner@...il.com>,
        <nhorman@...driver.com>, <brouer@...hat.com>, <dvyukov@...gle.com>,
        <syzkaller-bugs@...glegroups.com>
Subject: Stable request (was Re: [PATCH net-next] net: ipv6: fix listify
 ip6_rcv_finish in case of forwarding)

On 04/10/2019 16:17, Edward Cree wrote:
> On 23/08/2019 22:42, David Miller wrote:
>> From: Xin Long <lucien.xin@...il.com>
>> Date: Fri, 23 Aug 2019 19:33:03 +0800
>>
>>> We need a similar fix for ipv6 as Commit 0761680d5215 ("net: ipv4: fix
>>> listify ip_rcv_finish in case of forwarding") does for ipv4.
>>>
>>> This issue can be reprocuded by syzbot since Commit 323ebb61e32b ("net:
>>> use listified RX for handling GRO_NORMAL skbs") on net-next. The call
>>> trace was:
>>  ...
>>> Fixes: d8269e2cbf90 ("net: ipv6: listify ipv6_rcv() and ip6_rcv_finish()")
>>> Fixes: 323ebb61e32b ("net: use listified RX for handling GRO_NORMAL skbs")
>>> Reported-by: syzbot+eb349eeee854e389c36d@...kaller.appspotmail.com
>>> Reported-by: syzbot+4a0643a653ac375612d1@...kaller.appspotmail.com
>>> Signed-off-by: Xin Long <lucien.xin@...il.com>
>> Applied, thanks.
> Just noticed that this only went to net-next (and 5.4-rc1), when actually
>  it's needed on all kernels back to 4.19 (per the first Fixes: tag).  The
>  second Fixes: reference, 323ebb61e32b, merely enables syzbot to hit it on
>  whatever hardware it has, but the bug was already there, and hittable on
>  sfc NICs.
> David, can this go to stable please?
Hi, did this get missed or was my request improper in some way?
Our testing has been hitting this issue on distro kernels (Fedora, Debian,
 Ubuntu), we'd like the fix to get everywhere it's needed and AIUI -stable
 is the proper route for that.
For reference, the fix was committed as c7a42eb49212.

-Ed

Powered by blists - more mailing lists