APPLIED: [SRU][N/O/P][PATCH 0/1] CVE-2025-37997
Mehmet Basaran
mehmet.basaran at canonical.com
Wed Jun 11 13:06:20 UTC 2025
Applied to noble:linux, oracular:linux, plucky:linux master-next
branches. Thanks.
oracular:linux will be EOL. So the changes there won't be released.
Ian Whitfield <ian.whitfield at canonical.com> writes:
> [Impact]
>
> netfilter: ipset: fix region locking in hash types
>
> Region locking introduced in v5.6-rc4 contained three macros to handle
> the region locks: ahash_bucket_start(), ahash_bucket_end() which gave
> back the start and end hash bucket values belonging to a given region
> lock and ahash_region() which should give back the region lock belonging
> to a given hash bucket. The latter was incorrect which can lead to a
> race condition between the garbage collector and adding new elements
> when a hash type of set is defined with timeouts.
>
> [Backport]
>
> Cherry picked cleanly.
>
> [Fix]
>
> Plucky: cherry pick
> Oracular: cherry pick
> Noble: cherry pick
> Jammy: fixed via stable updates
> Focal: sent to ESM ML
> Bionic: not affected
> Xenial: not affected
> Trusty: not affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use hashed entries in netfilter IP sets with
> timeouts. An issue with this fix would be visible to the user as unpredictable
> kernel behavior around adding new netfilter IP set entries.
>
> Jozsef Kadlecsik (1):
> netfilter: ipset: fix region locking in hash types
>
> net/netfilter/ipset/ip_set_hash_gen.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
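The invariant described in the quoted [Impact] text, as an added example that is not part of the original message and is not the kernel's code: the bucket-to-lock mapping must be the inverse of the lock-to-bucket-range mapping, or an add and the garbage collector can touch the same bucket under different locks. The function names, the `REGION_BITS` value and the modulo mapping used for contrast are assumptions made for this user-space model.

```c
#include <stdint.h>
#include <stdio.h>

#define REGION_BITS 4u /* assumed value for this model: 16 buckets per lock */

/* Number of region locks for a table of 2^hbits buckets. */
static uint32_t num_locks(uint32_t hbits) {
    return hbits < REGION_BITS ? 1u : 1u << (hbits - REGION_BITS);
}

/* Lock -> bucket range [start, end): the span a collector walks under lock r. */
static uint32_t bucket_start(uint32_t r, uint32_t hbits) {
    return hbits < REGION_BITS ? 0u : r << REGION_BITS;
}
static uint32_t bucket_end(uint32_t r, uint32_t hbits) {
    return hbits < REGION_BITS ? 1u << hbits : (r + 1u) << REGION_BITS;
}

/* Bucket -> lock taken by an add. This one inverts the range mapping above. */
static uint32_t region_div(uint32_t bucket, uint32_t hbits) {
    (void)hbits;
    return bucket >> REGION_BITS;
}

/* Constructed contrast: spreads buckets over the locks but is not the inverse. */
static uint32_t region_mod(uint32_t bucket, uint32_t hbits) {
    return bucket % num_locks(hbits);
}

typedef uint32_t (*region_fn)(uint32_t bucket, uint32_t hbits);

/* Count buckets whose lock does not cover them: each one can be modified by
 * an add while a collector holding a different lock is walking it. */
static uint32_t unprotected_buckets(region_fn region_of, uint32_t hbits) {
    uint32_t bad = 0;
    for (uint32_t b = 0; b < (1u << hbits); b++) {
        uint32_t r = region_of(b, hbits);
        if (b < bucket_start(r, hbits) || b >= bucket_end(r, hbits))
            bad++;
    }
    return bad;
}

int main(void) {
    printf("hbits=6 div: %u unprotected, mod: %u unprotected\n",
           (unsigned)unprotected_buckets(region_div, 6),
           (unsigned)unprotected_buckets(region_mod, 6));
    return 0;
}
```

With a single lock (table smaller than one region) both mappings agree, so a mismatch of this kind only shows up once the table has grown past one region.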