path: root/retired/CVE-2021-23133
Description: net/sctp: fix race condition in sctp_destroy_sock
References:
 https://www.openwall.com/lists/oss-security/2021/04/18/2
Notes:
 carnil> Commit fixes 610236587600 ("bpf: Add new cgroup attach type to
 carnil> enable sock modifications") in 4.10-rc1. Original fix
 carnil> b166a20b0738 ("net/sctp: fix race condition in
 carnil> sctp_destroy_sock") was reverted, as it caused a dead-lock, cf.
 carnil> 01bfe5e8e428 ("Revert "net/sctp: fix race condition in
 carnil> sctp_destroy_sock"") and then fixed with 34e5b0118685 ("sctp:
 carnil> delay auto_asconf init until binding the first addr").
 carnil> Unclear yet if this is as well a problem for the 5.10.32,
 carnil> 4.19.189 and 4.9.268 releases.
 carnil> The fix needs to be redone as well for all stable series which
 carnil> got the original patch applied.
Bugs:
upstream: released (5.13-rc1) [34e5b01186858b36c4d7c87e1a025071e8e2401f]
5.10-upstream-stable: released (5.10.37) [42f1b8653f85924743ea5b57b051a4e1f05b5e43]
4.19-upstream-stable: released (4.19.191) [59339c866e0428fb92bfb3f5290c49a5325d2494]
4.9-upstream-stable: released (4.9.269) [89e55e90c09c6e712c7254467c077802dfd99eaa]
sid: released (5.10.38-1)
4.19-buster-security: released (4.19.194-1)
4.9-stretch-security: released (4.9.272-1)
