Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package dpdk for openSUSE:Factory checked in
at 2025-01-12 11:08:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dpdk (Old)
and /work/SRC/openSUSE:Factory/.dpdk.new.1881 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dpdk"
Sun Jan 12 11:08:53 2025 rev:68 rq:1236877 version:23.11.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/dpdk/dpdk.changes 2024-09-25
21:53:10.263981802 +0200
+++ /work/SRC/openSUSE:Factory/.dpdk.new.1881/dpdk.changes 2025-01-12
11:09:08.310051548 +0100
@@ -1,0 +2,7 @@
+Wed Jan 1 13:12:20 UTC 2025 - Duraisankar P <duraisankar.pitchum...@suse.com>
+
+- Fix CVE-2024-11614 [bsc#1234718] - Denial Of Service from malicious guest
on hypervisors using DPDK Vhost library
+- Added patch,
+ + dpdk-CVE-2024-11614.patch
+
+-------------------------------------------------------------------
New:
----
dpdk-CVE-2024-11614.patch
BETA DEBUG BEGIN:
New:- Added patch,
+ dpdk-CVE-2024-11614.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dpdk.spec ++++++
--- /var/tmp/diff_new_pack.66b3eH/_old 2025-01-12 11:09:09.142085688 +0100
+++ /var/tmp/diff_new_pack.66b3eH/_new 2025-01-12 11:09:09.146085852 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package dpdk
+# spec file
#
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -63,6 +63,8 @@
Patch0: 0001-fix-cpu-compatibility.patch
# PATCH-FIX-UPSTREAM - https://bugs.dpdk.org/show_bug.cgi?id=1530
Patch1: 0001-examples-vm_power_manager-add-missing-header.patch
+# PATCH-FIX-UPSTREAM - CVE-2024-11614 [bsc#1234718], net/virtio: Fix Denial Of
Service from malicious guest on hypervisors using DPDK Vhost library
+Patch2: dpdk-CVE-2024-11614.patch
BuildRequires: %{python_module Sphinx}
BuildRequires: %{python_module pyelftools >= 0.22}
BuildRequires: %{pythons}
++++++ dpdk-CVE-2024-11614.patch ++++++
>From fdf13ea6fede07538fbe5e2a46fa6d4b2368fa81 Mon Sep 17 00:00:00 2001
From: Olivier Matz <olivier.m...@6wind.com>
Date: Thu, 28 Nov 2024 12:09:56 +0100
Subject: net/virtio: fix Rx checksum calculation
If hdr->csum_start is larger than packet length, the len argument passed
to rte_raw_cksum_mbuf() overflows and causes a segmentation fault.
Ignore checksum computation in this case.
CVE-2024-11614
Fixes: ca7036b4af3a ("vhost: fix offload flags in Rx path")
Signed-off-by: Maxime Gouin <maxime.go...@6wind.com>
Signed-off-by: Olivier Matz <olivier.m...@6wind.com>
Reviewed-by: Maxime Coquelin <maxime.coque...@redhat.com>
---
lib/vhost/virtio_net.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index d764d4bc6a..69901ab3b5 100644
--- a/lib/vhost/virtio_net.c
+++ b/lib/vhost/virtio_net.c
@@ -2823,6 +2823,9 @@ vhost_dequeue_offload(struct virtio_net *dev, struct
virtio_net_hdr *hdr,
*/
uint16_t csum = 0, off;
+ if (hdr->csum_start >= rte_pktmbuf_pkt_len(m))
+ return;
+
if (rte_raw_cksum_mbuf(m, hdr->csum_start,
rte_pktmbuf_pkt_len(m) -
hdr->csum_start, &csum) < 0)
return;
