Update to 4.13.13
This commit is contained in:
Ben Hutchings
parent
6ff07bd9a5
commit
f4e45ee455
|
|
@ -1,4 +1,4 @@
|
|||
linux (4.13.12-1) UNRELEASED; urgency=medium
|
||||
linux (4.13.13-1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11
|
||||
|
|
@ -76,15 +76,43 @@ linux (4.13.12-1) UNRELEASED; urgency=medium
|
|||
- [mips*] smp-cmp: Use right include for task_struct
|
||||
- [mips*] SMP: Fix deadlock & online race
|
||||
- Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
|
||||
- [x86] CPU: Fix up "cpu MHz" in /proc/cpuinfo
|
||||
- [powerpc*] kprobes: Dereference function pointers only if the address
|
||||
does not belong to kernel text
|
||||
- futex: Fix more put_pi_state() vs. exit_pi_state_list() races
|
||||
- perf/cgroup: Fix perf cgroup hierarchy support
|
||||
- [x86] mcelog: Get rid of RCU remnants
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.13
|
||||
- netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
|
||||
rhashtable"
|
||||
- netfilter: nft_set_hash: disable fast_ops for 2-len keys (Closes: #880145)
|
||||
- workqueue: Fix NULL pointer dereference
|
||||
- crypto: ccm - preserve the IV buffer
|
||||
- [x86] crypto: sha1-mb - fix panic due to unaligned access
|
||||
- [x86] crypto: sha256-mb - fix panic due to unaligned access
|
||||
- KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
|
||||
- [x86] ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
|
||||
- ACPICA: Dispatch active GPEs at init time
|
||||
- ACPICA: Make it possible to enable runtime GPEs earlier
|
||||
- ACPI / scan: Enable GPEs before scanning the namespace
|
||||
- [armel,armhf] 8720/1: ensure dump_instr() checks addr_limit
|
||||
- ALSA: timer: Limit max instances per timer
|
||||
- ALSA: usb-audio: support new Amanero Combo384 firmware version
|
||||
- [x86] ALSA: hda - fix headset mic problem for Dell machines with alc274
|
||||
- ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
||||
- ALSA: seq: Avoid invalid lockdep class warning
|
||||
- [mips*] Fix CM region target definitions
|
||||
- [powerpc*] KVM: Book3S HV: Fix exclusion between HPT resizing and other
|
||||
HPT updates
|
||||
- Input: elan_i2c - add ELAN060C to the ACPI table
|
||||
- rbd: use GFP_NOIO for parent stat and data requests
|
||||
- [x86] drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
|
||||
- [armhf] can: sun4i: handle overrun in RX FIFO
|
||||
- can: peak: Add support for new PCIe/M2 CAN FD interfaces
|
||||
- [x86] debug: Handle warnings before the notifier chain, to fix KGDB crash
|
||||
- [x86] smpboot: Make optimization of delay calibration work correctly
|
||||
- [x86] oprofile/ppro: Do not use __this_cpu*() in preemptible context
|
||||
|
||||
[ Salvatore Bonaccorso ]
|
||||
* netfilter: nft_set_hash: disable fast_ops for 2-len keys (Closes: #880145)
|
||||
* mac80211: accept key reinstall without changing anything (CVE-2017-13080)
|
||||
* sctp: do not peel off an assoc from one netns to another one
|
||||
(CVE-2017-15115)
|
||||
|
|
|
|||
|
|
@ -1,57 +0,0 @@
|
|||
From: Anatole Denis <anatole@rezel.net>
|
||||
Date: Wed, 4 Oct 2017 01:17:14 +0100
|
||||
Subject: netfilter: nft_set_hash: disable fast_ops for 2-len keys
|
||||
Origin: https://git.kernel.org/linus/0414c78f14861cb704d6e6888efd53dd36e3bdde
|
||||
Bug-Debian: https://bugs.debian.org/880145
|
||||
|
||||
jhash_1word of a u16 is a different value from jhash of the same u16 with
|
||||
length 2.
|
||||
Since elements are always inserted in sets using jhash over the actual
|
||||
klen, this would lead to incorrect lookups on fixed-size sets with a key
|
||||
length of 2, as they would be inserted with hash value jhash(key, 2) and
|
||||
looked up with hash value jhash_1word(key), which is different.
|
||||
|
||||
Example reproducer(v4.13+), using anonymous sets which always have a
|
||||
fixed size:
|
||||
|
||||
table inet t {
|
||||
chain c {
|
||||
type filter hook output priority 0; policy accept;
|
||||
tcp dport { 10001, 10003, 10005, 10007, 10009 } counter packets 4 bytes 240 reject
|
||||
tcp dport 10001 counter packets 4 bytes 240 reject
|
||||
tcp dport 10003 counter packets 4 bytes 240 reject
|
||||
tcp dport 10005 counter packets 4 bytes 240 reject
|
||||
tcp dport 10007 counter packets 0 bytes 0 reject
|
||||
tcp dport 10009 counter packets 4 bytes 240 reject
|
||||
}
|
||||
}
|
||||
|
||||
then use nc -z localhost <port> to probe; incorrectly hashed ports will
|
||||
pass through the set lookup and increment the counter of an individual
|
||||
rule.
|
||||
|
||||
jhash being seeded with a random value, it is not deterministic which
|
||||
ports will incorrectly hash, but in testing with 5 ports in the set I
|
||||
always had 4 or 5 with an incorrect hash value.
|
||||
|
||||
Signed-off-by: Anatole Denis <anatole@rezel.net>
|
||||
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||||
---
|
||||
net/netfilter/nft_set_hash.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c
|
||||
index 0fa01d772c5e..9c0d5a7ce5f9 100644
|
||||
--- a/net/netfilter/nft_set_hash.c
|
||||
+++ b/net/netfilter/nft_set_hash.c
|
||||
@@ -643,7 +643,6 @@ nft_hash_select_ops(const struct nft_ctx *ctx, const struct nft_set_desc *desc,
|
||||
{
|
||||
if (desc->size) {
|
||||
switch (desc->klen) {
|
||||
- case 2:
|
||||
case 4:
|
||||
return &nft_hash_fast_ops;
|
||||
default:
|
||||
--
|
||||
2.11.0
|
||||
|
||||
|
|
@ -78,7 +78,6 @@ bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
|
|||
bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch
|
||||
bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch
|
||||
bugfix/all/bfq-re-enable-auto-loading-when-built-as-a-module.patch
|
||||
bugfix/all/netfilter-nft_set_hash-disable-fast_ops-for-2-len-ke.patch
|
||||
|
||||
# Miscellaneous features
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue