lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <mpuv6Xh1ObRSjS40iJdc7BNUqtJ4uqX5JdfCX5Sh9BKacoNJlqRBd8oznQs2q5HEslP95tIjkAGl_khiR07cyrLtqqHfsXya7bVu-X9Ard4=@pm.me>
Date: Fri, 02 May 2025 02:39:08 +0000
From: thesw4rm@...me
To: "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Potential bug: errors from tcp_ack are ignored in tcp_rcv_synsent_state_process

Hello,

I found something weird in tcp_rcv_synsent_state_process in net/ipv4/tcp_input.c

On line 6555, the return code for tcp_ack is ignored

...
tcp_ecn_rcv_synack(tp, th);

tcp_init_wl(tp, TCP_SKB_CB(skb)->seq);
tcp_try_undo_spurious_syn(sk);
tcp_ack(sk, skb, FLAG_SLOWPATH);
...

The three methods above tcp_ack are all void, so I can understand why the return value is ignored. My instincts are telling me that someone forgot to check the return value of tcp_ack, and this could be a big problem if we move to ESTABLISHED and the ACK is invalid for some reason.

Does this need to be fixed? What am I missing? If I could get some context here, I'll work on a fix. 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ