** Also affects: linux-oem-5.6 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-oem-5.6 (Ubuntu Focal)
Status: New => Fix Committed
** Changed in: linux-oem-5.6 (Ubuntu Bionic)
Status: New => Invalid
** Changed in: linux-oem-5.6 (Ubuntu Eoan)
Status: New => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1886860
Title:
cgroup refcount is bogus when cgroup_sk_alloc is disabled
Status in linux package in Ubuntu:
Invalid
Status in linux-oem-5.6 package in Ubuntu:
New
Status in linux source package in Bionic:
In Progress
Status in linux-oem-5.6 source package in Bionic:
Invalid
Status in linux source package in Eoan:
In Progress
Status in linux-oem-5.6 source package in Eoan:
Invalid
Status in linux source package in Focal:
In Progress
Status in linux-oem-5.6 source package in Focal:
Fix Committed
Status in linux source package in Groovy:
Invalid
Status in linux-oem-5.6 source package in Groovy:
New
Bug description:
[Impact]
When net_prio and net_cls cgroups are used, cgroup refcount is bogus, as it's
not incremented anymore, but decremented when sockets are closed.
This might lead to crashes possibly because of use-after-free when
packets are received as shown in LP #1886668.
[Test case]
Ran reproducer from comment #2.
[Regression potential]
We could break the use of cgroup bpf. The use of cgroup bpf looks to still be
working from the reproducer.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1886860/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
