[SRU][J 0/1, F 0/3] CVE-2024-26830
Bethany Jamison
bethany.jamison at canonical.com
Mon Jul 8 15:21:20 UTC 2024
[Impact]
i40e: Do not allow untrusted VF to remove administratively set MAC
Currently when PF administratively sets VF's MAC address and the VF
is put down (VF tries to delete all MACs) then the MAC is removed
from MAC filters and primary VF MAC is zeroed.
Do not allow untrusted VF to remove primary MAC when it was set
administratively by PF.
[Fix]
Noble: not-affected
Jammy: Backport - I ignored #defines next to the fix area, shouldn't
affect the fix changes
Focal: Backport - same as Jammy, Clean cherry-picks from prereqs
Bionic: needed
Xenial: needed
Trusty: not going to be fixed by us
[Test Case]
Compile and boot tested
[Where problems could occur]
This fix affects those who use the Intel i40e driver, an issue with
this fix would be visible to the user via unexpected system behavior.
Ivan Vecera (1):
i40e: Do not allow untrusted VF to remove administratively set MAC
.../ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 ++++++++++++++++---
1 file changed, 33 insertions(+), 5 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list