Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.2/patches/812226/?format=api
{ "id": 812226, "url": "http://patchwork.ozlabs.org/api/1.2/patches/812226/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20170911062338.9825-2-po-hsu.lin@canonical.com/", "project": { "id": 15, "url": "http://patchwork.ozlabs.org/api/1.2/projects/15/?format=api", "name": "Ubuntu Kernel", "link_name": "ubuntu-kernel", "list_id": "kernel-team.lists.ubuntu.com", "list_email": "kernel-team@lists.ubuntu.com", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170911062338.9825-2-po-hsu.lin@canonical.com>", "list_archive_url": null, "date": "2017-09-11T06:23:38", "name": "[CVE-2017-14106,T/X/Z,SRU] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "56e223337a7989ac147f9ee41391448b142bc4ff", "submitter": { "id": 70488, "url": "http://patchwork.ozlabs.org/api/1.2/people/70488/?format=api", "name": "Po-Hsu Lin", "email": "po-hsu.lin@canonical.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20170911062338.9825-2-po-hsu.lin@canonical.com/mbox/", "series": [ { "id": 2439, "url": "http://patchwork.ozlabs.org/api/1.2/series/2439/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=2439", "date": "2017-09-11T06:23:38", "name": "[CVE-2017-14106,T/X/Z,SRU] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/2439/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/812226/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/812226/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=<UNKNOWN>)", "Received": [ "from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xrHty2F3Cz9sBZ;\n\tMon, 11 Sep 2017 16:23:54 +1000 (AEST)", "from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1drI8K-0008OL-E4; Mon, 11 Sep 2017 06:23:48 +0000", "from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from <po-hsu.lin@canonical.com>)\n\tid 1drI8I-0008Nj-QZ\n\tfor kernel-team@lists.ubuntu.com; Mon, 11 Sep 2017 06:23:46 +0000", "from mail-pg0-f69.google.com ([74.125.83.69])\n\tby youngberry.canonical.com with esmtps\n\t(TLS1.0:RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from <po-hsu.lin@canonical.com>)\n\tid 1drI8I-00051X-FC\n\tfor kernel-team@lists.ubuntu.com; Mon, 11 Sep 2017 06:23:46 +0000", "by mail-pg0-f69.google.com with SMTP id d8so15239404pgt.1\n\tfor <kernel-team@lists.ubuntu.com>;\n\tSun, 10 Sep 2017 23:23:46 -0700 (PDT)", "from localhost.localdomain ([175.41.48.77])\n\tby smtp.gmail.com with ESMTPSA id\n\te185sm2929967pfg.142.2017.09.10.23.23.43\n\tfor <kernel-team@lists.ubuntu.com>\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tSun, 10 Sep 2017 23:23:44 -0700 (PDT)" ], "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:subject:date:message-id:in-reply-to\n\t:references;\n\tbh=1ZDWEzHb3/b+gqRMThnuJU4Egq996oYpS4KUiFVsmCc=;\n\tb=JYcT72u0oyvHriQDbgFwjoM/ORHiwQuUIh6fDdAVsTrkwaFizOIv7DnUeRmsfnS1TM\n\tohkoc6H4faAP9D+Rop9wTeW7ZH/0GIzVLZuizJZebYxtS2Gr/P+76kpXTMI3Y9aeM/fB\n\tg3RY23Mladwzv5I5jfOGhq15gYSxxsTOpbtLu4SssA/eoo2ZZbiGDWGo481B+4nyoTUz\n\tXqCHFt5pTk0oqjSekxVxYdgKeyHz0J0aBJP88R5Q4TPgQBCLJFzxagvxdKxv1F8N3oC8\n\tDewkZZm/a+HVc1frPPJXuu/n99M+AvovTMqxpNo9L/5VaWygFQDhZeNOuVQ1+bgs7gt2\n\tCBhA==", "X-Gm-Message-State": "AHPjjUhFbmJPXSl0YE13+OVWx2dZmwVVsNuvR6l+D22NJk+/iD9ktJ+W\n\tuApBkPr03Jg68sJ77tYmHaGnoKNZCsPJ2fpXyU9YOFxUhCHJfgjkoML/iGqQ6z/qEgr6cEDqsli\n\tOACBWDy5ygUm+X+YPKRFl0aJWxshr25rO", "X-Received": [ "by 10.98.87.23 with SMTP id l23mr11005141pfb.77.1505111025033;\n\tSun, 10 Sep 2017 23:23:45 -0700 (PDT)", "by 10.98.87.23 with SMTP id l23mr11005135pfb.77.1505111024852;\n\tSun, 10 Sep 2017 23:23:44 -0700 (PDT)" ], "X-Google-Smtp-Source": "ADKCNb6fexHEIwbCJaZ/oYETAfyiKr9BUsgUxK7W3vXmReoayonM9Mj8MKVbClqsEyYCSRCJ35yADA==", "From": "Po-Hsu Lin <po-hsu.lin@canonical.com>", "To": "kernel-team@lists.ubuntu.com", "Subject": "[CVE-2017-14106][T/X/Z SRU][PATCH] tcp: initialize rcv_mss to\n\tTCP_MIN_MSS instead of 0", "Date": "Mon, 11 Sep 2017 14:23:38 +0800", "Message-Id": "<20170911062338.9825-2-po-hsu.lin@canonical.com>", "X-Mailer": "git-send-email 2.11.0", "In-Reply-To": "<20170911062338.9825-1-po-hsu.lin@canonical.com>", "References": "<20170911062338.9825-1-po-hsu.lin@canonical.com>", "X-BeenThere": "kernel-team@lists.ubuntu.com", "X-Mailman-Version": "2.1.20", "Precedence": "list", "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>", "List-Unsubscribe": "<https://lists.ubuntu.com/mailman/options/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>", "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>", "List-Post": "<mailto:kernel-team@lists.ubuntu.com>", "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>", "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "kernel-team-bounces@lists.ubuntu.com", "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>" }, "content": "From: Wei Wang <weiwan@google.com>\n\nCVE-2017-14106\n\nWhen tcp_disconnect() is called, inet_csk_delack_init() sets\nicsk->icsk_ack.rcv_mss to 0.\nThis could potentially cause tcp_recvmsg() => tcp_cleanup_rbuf() =>\n__tcp_select_window() call path to have division by 0 issue.\nSo this patch initializes rcv_mss to TCP_MIN_MSS instead of 0.\n\nReported-by: Andrey Konovalov <andreyknvl@google.com>\nSigned-off-by: Wei Wang <weiwan@google.com>\nSigned-off-by: Eric Dumazet <edumazet@google.com>\nSigned-off-by: Neal Cardwell <ncardwell@google.com>\nSigned-off-by: Yuchung Cheng <ycheng@google.com>\nSigned-off-by: David S. Miller <davem@davemloft.net>\n(cherry picked from commit 499350a5a6e7512d9ed369ed63a4244b6536f4f8)\nSigned-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>\n---\n net/ipv4/tcp.c | 4 ++++\n 1 file changed, 4 insertions(+)", "diff": "diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c\nindex 16b5118..46c45a0 100644\n--- a/net/ipv4/tcp.c\n+++ b/net/ipv4/tcp.c\n@@ -2202,6 +2202,10 @@ int tcp_disconnect(struct sock *sk, int flags)\n \ttcp_set_ca_state(sk, TCP_CA_Open);\n \ttcp_clear_retrans(tp);\n \tinet_csk_delack_init(sk);\n+\t/* Initialize rcv_mss to TCP_MIN_MSS to avoid division by 0\n+\t * issue in __tcp_select_window()\n+\t */\n+\ticsk->icsk_ack.rcv_mss = TCP_MIN_MSS;\n \ttcp_init_send_head(sk);\n \tmemset(&tp->rx_opt, 0, sizeof(tp->rx_opt));\n \t__sk_dst_reset(sk);\n", "prefixes": [ "CVE-2017-14106", "T/X/Z", "SRU" ] }