| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250127060757.3946314-1-steffen.klassert@secunet.com>
Date: Mon, 27 Jan 2025 07:07:52 +0100
From: Steffen Klassert <steffen.klassert@...unet.com>
To: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>
CC: Herbert Xu <herbert@...dor.apana.org.au>, Steffen Klassert
<steffen.klassert@...unet.com>, <netdev@...r.kernel.org>
Subject: [PATCH 0/5] pull request (net): ipsec 2025-01-27
1) Fix incrementing the upper 32 bit sequence numbers for GSO skbs.
From Jianbo Liu.
2) Fix an out-of-bounds read on xfrm state lookup.
From Florian Westphal.
3) Fix secpath handling on packet offload mode.
From Alexandre Cassen.
4) Fix the usage of skb->sk in the xfrm layer.
5) Don't disable preemption while looking up cache state
to fix PREEMPT_RT.
From Sebastian Sewior.
Please pull or let me know if there are problems.
Thanks!
The following changes since commit 9bb88c659673003453fd42e0ddf95c9628409094:
selftests: net: test extacks in netlink dumps (2024-11-24 17:00:06 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git tags/ipsec-2025-01-27
for you to fetch changes up to 6c9b7db96db62ee9ad8d359d90ff468d462518c4:
xfrm: Don't disable preemption while looking up cache state. (2025-01-24 07:46:11 +0100)
----------------------------------------------------------------
ipsec-2025-01-27
----------------------------------------------------------------
Alexandre Cassen (1):
xfrm: delete intermediate secpath entry in packet offload mode
Florian Westphal (1):
xfrm: state: fix out-of-bounds read during lookup
Jianbo Liu (1):
xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO
Sebastian Sewior (1):
xfrm: Don't disable preemption while looking up cache state.
Steffen Klassert (1):
xfrm: Fix the usage of skb->sk
include/net/xfrm.h | 16 ++++++--
net/ipv4/esp4.c | 2 +-
net/ipv6/esp6.c | 2 +-
net/ipv6/xfrm6_output.c | 4 +-
net/xfrm/xfrm_interface_core.c | 2 +-
net/xfrm/xfrm_output.c | 7 ++--
net/xfrm/xfrm_policy.c | 2 +-
net/xfrm/xfrm_replay.c | 10 +++--
net/xfrm/xfrm_state.c | 93 ++++++++++++++++++++++++++++++++----------
9 files changed, 100 insertions(+), 38 deletions(-)
Powered by blists - more mailing lists