This is CVE-2021-29650 which is working its way through the SRU process.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29650

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1925124

Title:
  panic in ipt_do_table+0x621/0x640

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  1. This bug has happened on the following kernel versions:

  4.4.0-104-generic
  4.15.0-88-generic
  4.15.0-13-generic
  5.4.0-42-generic
  5.4.0-47-generic

  2. We cannot reliably reproduce this issue.

  3. This patch seems to fix this issue:
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=175e476b8cdf2a4de7432583b49c871345e4f8a1

  4. The following crash dmesg is from 5.4.0-47-generic:
  [2021-03-19 12:17:53][3581678.514072] audit: audit_lost=1 audit_rate_limit=1 audit_backlog_limit=1024
  [2021-03-23 21:57:06][3962019.737898] general protection fault: 0000 [#1] SMP PTI
  [2021-03-23 21:57:06][3962019.739019] CPU: 4 PID: 0 Comm: swapper/4 Kdump: loaded Not tainted 5.4.0-47-generic #51~18.04.1-Ubuntu
  [2021-03-23 21:57:06][3962019.740433] Hardware name: Tencent Cloud CVM, BIOS seabios-1.9.1-qemu-project.org 04/01/2014
  [2021-03-23 21:57:06][3962019.741829] RIP: 0010:ipt_do_table+0x621/0x640 [ip_tables]
  [2021-03-23 21:57:06][3962019.742587] Code: ff ff ff 45 31 d2 48 89 85 50 ff ff ff e9 7e fe ff ff 83 ad 70 ff ff ff 01 48 8b bd 78 ff ff ff 8b 85 70 ff ff ff 4c 8b 34 c7 <41> 0f b7 46 5a 49 01 c6 e9 [2021-03-23 21:57:06]18 fb ff ff c7 45 a4 00 00 00 00 e9 e9
  [2021-03-23 21:57:06][3962019.745295] RSP: 0018:ffffbcd080184c18 EFLAGS: 00010246
  [2021-03-23 21:57:06][3962019.745988] RAX: 0000000000000000 RBX: ffff96b7e9b717b0 RCX: ffffdcd07f70a150
  [2021-03-23 21:57:06][3962019.747025] RDX: 000000000001ab6a RSI: ffff96b7e1d98d80 RDI: ffff96b7e1d98d80
  [2021-03-23 21:57:06][3962019.748015] RBP: ffffbcd080184d08 R08: 0000000000000008 R09: ffff96b82aca2980
  [2021-03-23 21:57:06][3962019.748988] R10: 0000000000000d38 R11: ffff96b7cacaa380 R12: ffff96b833fea000
  [2021-03-23 21:57:06][3962019.749927] R13: ffff96b7ebb4a04e R14: 3f13d7139e6d8ccb R15: ffff96b7d2c28f00
  [2021-03-23 21:57:06][3962019.750873] FS:  0000000000000000(0000) GS:ffff96b83fb00000(0000) knlGS:0000000000000000
  [2021-03-23 21:57:06][3962019.751919] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  [2021-03-23 21:57:06][3962019.752720] CR2: 00007fee206258f0 CR3: 0000000f9c428001 CR4: 00000000003606e0
  [2021-03-23 21:57:06][3962019.753603] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  [2021-03-23 21:57:06][3962019.754619] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
  [2021-03-23 21:57:06][3962019.755606] Call Trace:
  [2021-03-23 21:57:06][3962019.755984]  <IRQ>
  [2021-03-23 21:57:06][3962019.756282]  iptable_filter_hook+0x1f/0x30 [iptable_filter]
  [2021-03-23 21:57:06][3962019.757199]  nf_hook_slow+0x48/0xc0
  [2021-03-23 21:57:06][3962019.757753]  ip_forward+0x410/0x480
  [2021-03-23 21:57:06][3962019.758350]  ? ip4_key_hashfn+0xc0/0xc0
  [2021-03-23 21:57:06][3962019.758907]  ip_rcv_finish+0x84/0xa0
  [2021-03-23 21:57:06][3962019.759469]  ip_rcv+0xbc/0xd0
  [2021-03-23 21:57:06][3962019.760543]  ? ip_rcv_finish_core.isra.18+0x3b0/0x3b0
  [2021-03-23 21:57:06][3962019.761916]  __netif_receive_skb_one_core+0x86/0xa0
  [2021-03-23 21:57:06][3962019.763210]  __netif_receive_skb+0x18/0x60
  [2021-03-23 21:57:06][3962019.764341]  process_backlog+0xa0/0x170
  [2021-03-23 21:57:06][3962019.765600]  net_rx_action+0x140/0x3c0
  [2021-03-23 21:57:06][3962019.766550]  __do_softirq+0xe4/0x2da
  [2021-03-23 21:57:06][3962019.767792]  irq_exit+0xae/0xb0
  [2021-03-23 21:57:06][3962019.768857]  smp_call_function_single_interrupt+0x48/0xd0
  [2021-03-23 21:57:06][3962019.770140]  call_function_single_interrupt+0xf/0x20
  [2021-03-23 21:57:06][3962019.771315]  </IRQ>
  [2021-03-23 21:57:06][3962019.772038] RIP: 0010:native_safe_halt+0x12/0x20
