Yes, already queued by Eric Dumazet in all stable since report in April
http://patchwork.ozlabs.org/patch/746618/
Yes, i did, but troubleshooting done and fix issued by Eric Dumazet.
Also there is chance exist that someone used it for malicious purposes "in
wild" at that moment, as it appeared at peak time on ISP, in specific network
with many users, while exactly same setup on other locations didn't had this
issue. That was reason to enable KASAN and to search for it.
No CVE as far as i know, i just don't know how to do that. Not sure if
Eric or netfilter developers (for example Pablo Neira Ayuso) filled
anything.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1739765
Title:
xt_TCPMSS buffer overflow bug
Status in linux package in Ubuntu:
Incomplete
Bug description:
Bug was reported in LKML here: https://lkml.org/lkml/2017/4/2/13
In few words - corrupted packet might be used to modify memory at router who
has xt_TCPMSS used as iptables action.
This is really nasty bug, and can be triggered remotely by malicious person
on anything that usually use this iptables action (PPPoE/PPTP-enabled ISP or
VPN provider, for example).
This bug existed for several years, i guess.
I waited for a while since April, as it's already pushed to stable, and
probably all distributions have it updated, so now it's time to do bugreport,
to make sure it is really fixed everywhere.
Maybe worth to assign CVE for it?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp