From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.5 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS, URIBL_BLOCKED,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1338DC282D7 for ; Tue, 5 Feb 2019 18:41:10 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id DD1932175B for ; Tue, 5 Feb 2019 18:41:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1549392069; bh=1ZNoTKDJ3oGGSagaVvtknZbA8JcJOqoMzzLiSbWYFtc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:List-ID:From; b=R2FL7A2pKXIM84nmELerPOTwgvG2Ana9H81dn8YZLh3ONkeuIiiyyo3YblZxas9XJ NvSBGtTFhJ9s49ETJAF3YcE1x8XFScj0i3yZDXX5Ad4/fn7Co9MIh9IYPdeeyLJQRq IOG8IrH6i0fgvOxdDtFeQQ4N8R6BDQrdjnKuFJKU= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730387AbfBESlI (ORCPT ); Tue, 5 Feb 2019 13:41:08 -0500 Received: from mail.kernel.org ([198.145.29.99]:40876 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726731AbfBESlI (ORCPT ); Tue, 5 Feb 2019 13:41:08 -0500 Received: from localhost (unknown [167.98.85.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 637392083B; Tue, 5 Feb 2019 18:41:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1549392067; bh=1ZNoTKDJ3oGGSagaVvtknZbA8JcJOqoMzzLiSbWYFtc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=UWJ0Gxbpywdy6CyZHwIgxSy9y32Dn/et8yWj7P7jVL1Nvq+hpqpoKxsCXGLSdHhoV gGtSSfTZ9SH4i/pGdbNAJFhgTALlj+ZO8LVdGRY1HUAY8JiIsuaBQDBA0W2lyVnadO eqeJIbx2iyaKg0w6+5dPtrAD6nWQnkIyxys/Ejgs= Date: Tue, 5 Feb 2019 19:41:05 +0100 From: Greg Kroah-Hartman To: Ben Hutchings Cc: Sasha Levin , stable , Eric Dumazet , Peter Oskolkov Subject: Re: [4.4] FragmentSmack security fixes Message-ID: <20190205184105.GA22198@kroah.com> References: <1549391183.2925.179.camel@codethink.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1549391183.2925.179.camel@codethink.co.uk> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org On Tue, Feb 05, 2019 at 06:26:23PM +0000, Ben Hutchings wrote: > This is a backport of upstream changes to fix the FragmentSmack (CVE- > 2018-5391) vulnerability. > > Peter Oskolkov checked an earlier version of this backport, but I have > since rebased and added another 3 commits to it. I tested with the > ip_defrag.sh self-test that he added upstream, and it passed. I have > included the fix that is currently queued for the 4.9, 4.14 and 4.19 > branches. That's a lot of patches, some of which I have already queued up in the next 4.4 release which will happen in a day or so. Are they all still needed after the changes there are merged? thanks, greg k-h