IPv6 tunneling regression
Andy Whitcroft
apw at canonical.com
Tue Aug 30 12:43:46 UTC 2011
On Mon, Aug 29, 2011 at 10:49:18AM -0600, Tim Gardner wrote:
> Andy - since you did the backport for this CVE, can you follow up on
> Julian's comments:
>
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/832332/comments/2
Ok actually this is not a CVE fix but a fix via stable. This only actually
affects the lucid master branch as the fixes were in mainline (correctly)
by v2.6.34. The lucid/fsl-imx51 branch does not have the stable backport
at this time and so is also unaffected.
The bug itself is limited to the ip6_tunnel tunnelling driver. This driver
is used for tunnelling non-ipv6 traffix in ipv6 packets; this is not
a tunnelling device for carrying ipv6 over ipv4. Given the very low
penetration of ipv6 as primary transport I surmise this will give us a
very very low exposure in our userbase.
The fix is simple and should be arriving via -stable shortly, however as
it is not currently visible on the longterm queue I will push an equivalent
patch to the kernel-team@ list shortly for review.
I have also updated the tracking bug.
-apw
More information about the kernel-team
mailing list