NACK/Cmnt: [SRU][J/F][PATCH 0/1] ipv6: prevent NULL dereference in ip6_output()
Manuel Diewald
manuel.diewald at canonical.com
Mon Jul 8 08:50:53 UTC 2024
On Fri, Jul 05, 2024 at 06:17:40PM -0300, Vinicius Peixoto wrote:
> [Impact]
> According to syzbot, there is a chance that ip6_dst_idev()
> returns NULL in ip6_output(). Most places in IPv6 stack
> deal with a NULL idev just fine, but not here.
>
> [Backport]
> Due to the lack of upstream commit
> 5e187189ec324f78035d33a4bc123a9c4ca6f3e3 ("net: ip: add skb drop reasons for ip egress path)"
> Jammy, Focal, Bionic and Xenial had a context conflict.
> Xenial is also missing 97a7a37a7b7b ("ipv6: Initial skb->dev and skb->protocol in ip6_output").
> However, none of those commits directly impact the fix or the issue,
> so a manual backport is appropriate here.
>
> [Test]
> Compile tested.
>
> [Where problems could occur]
> Any issues here would directly impact IPv6 networking.
>
> Eric Dumazet (1):
> ipv6: prevent NULL dereference in ip6_output()
>
> net/ipv6/ip6_output.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
This seems to be a CVE fix, so please include the CVE number in the
cover letter subject. Usually we use the following format when
submitting CVE fixes:
[SRU][<series>][PATCH 0/1] <CVE number>
So in this case, it would be:
[SRU][J/F][PATCH 0/1] CVE-2024-36901
Tooling for working with the mailing list submissions might rely on it.
Thank you!
--
Manuel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240708/f553fcfe/attachment-0001.sig>
More information about the kernel-team
mailing list