On Sun, 2015-09-13 at 00:56 +0200, Willy Tarreau wrote: > 2.6.32-longterm review patch. If anyone has any objections, please let me > know. > > ------------------ > > From: Eric Dumazet <[email protected]> > > commit beb39db59d14990e401e235faf66a6b9b31240b0 upstream. > > We have two problems in UDP stack related to bogus checksums : > > 1) We return -EAGAIN to application even if receive queue is not empty. > This breaks applications using edge trigger epoll() > > 2) Under UDP flood, we can loop forever without yielding to other > processes, potentially hanging the host, especially on non SMP. > > This patch is an attempt to make things better. > > We might in the future add extra support for rt applications > wanting to better control time spent doing a recv() in a hostile > environment. For example we could validate checksums before queuing > packets in socket receive queue. > > Signed-off-by: Eric Dumazet <[email protected]> > Cc: Willem de Bruijn <[email protected]> > Signed-off-by: David S. Miller <[email protected]> > Signed-off-by: Ben Hutchings <[email protected]> > > CVE-2015-5364 [...]
As there were two different problems, each deserving its own CVE ID, this also fixes CVE-2015-5366. Ben. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
