group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1668042] Re: [Xenial - 16.04 ]Bonding driver - stack corruption when trying to copy 20 bytes to a sockaddr

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1668042@xxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Apr 2017 14:07:40 -0000
Reply-to: Bug 1668042 <1668042@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 3.13.0-117.164

---------------
linux (3.13.0-117.164) trusty; urgency=low

  * linux: 3.13.0-117.164 -proposed tracker (LP: #1680733)

  * CVE-2017-6353
    - sctp: deny peeloff operation on asocs with threads sleeping on it

  * CVE-2017-5986
    - sctp: avoid BUG_ON on sctp_wait_for_sndbuf

  * Update ENA driver to 1.1.2 from net-next (LP: #1664312)
    - net: ena: Remove unnecessary pci_set_drvdata()
    - net: ena: Fix error return code in ena_device_init()
    - net: ena: change the return type of ena_set_push_mode() to be void.
    - net: ena: use setup_timer() and mod_timer()
    - net/ena: remove ntuple filter support from device feature list
    - net/ena: fix queues number calculation
    - net/ena: fix ethtool RSS flow configuration
    - net/ena: fix RSS default hash configuration
    - net/ena: fix NULL dereference when removing the driver after device reset
      failed
    - net/ena: refactor ena_get_stats64 to be atomic context safe
    - net/ena: fix potential access to freed memory during device reset
    - net/ena: use READ_ONCE to access completion descriptors
    - net/ena: reduce the severity of ena printouts
    - net/ena: change driver's default timeouts
    - net/ena: change condition for host attribute configuration
    - net/ena: update driver version to 1.1.2

  * [Xenial - 16.04 ]Bonding driver - stack corruption when trying to copy 20
    bytes to a sockaddr (LP: #1668042)
    - net/bonding: Enforce active-backup policy for IPoIB bonds

  * stress_smoke_test passing and exiting rc=9 (linux 4.9.0-12.13 ADT test
    failure with linux 4.9.0-12.13) (LP: #1658633)
    - ext4: lock the xattr block before checksuming it

  * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494)
    - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets

  * move aufs.ko from -extra to linux-image package (LP: #1673498)
    - [config] aufs.ko moved to linux-image package

  * lsattr 32bit does not work on 64bit kernel (Inappropriate ioctl error)
    (LP: #1619918)
    - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls

 -- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx>  Thu, 06 Apr
2017 17:52:50 +0100

** Changed in: linux (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5986

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-6353

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1668042

Title:
  [Xenial - 16.04 ]Bonding driver - stack corruption when trying to copy
  20 bytes to a sockaddr

Status in linux package in Ubuntu:
  Fix Committed
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Fix Released

Bug description:
  
  In Ubuntu Xenial with kernel 4.4.0-65, we get kernel Panic after scenario [1].

  patch [2] should fix the issue

      When using an IPoIB bond currently only active-backup mode is a valid
      use case and this commit strengthens it.

      Since commit 2ab82852a270 ("net/bonding: Enable bonding to enslave
      netdevices not supporting set_mac_address()") was introduced till
      4.7-rc1, IPoIB didn't support the set_mac_address ndo, and hence the
      fail over mac policy always applied to IPoIB bonds.

      With the introduction of commit 492a7e67ff83 ("IB/IPoIB: Allow setting
      the device address"), that doesn't hold and practically IPoIB bonds are
      broken as of that. To fix it, lets go to fail over mac if the device
      doesn't support the ndo OR this is IPoIB device.

      As a by-product, this commit also prevents a stack corruption which
      occurred when trying to copy 20 bytes (IPoIB) device address
      to a sockaddr struct that has only 16 bytes of storage.


  [1]
  Get panic after create bond with down/updelay and restart NIC driver
  Configure bond with down/updelay

  cat /etc/network/interfaces
  auto bond1
  iface bond1 inet static
  address 31.136.42.17
  netmask 255.255.0.0
  bond-slaves ib0 ib1
  bond-miimon 100
  bond-updelay 5000
  bond-mode active-backup
  bond-primary ib1
  bond-downdelay 5000

  auto ib0
  iface ib0 inet manual
  bond-master bond1

  auto ib1
  iface ib1 inet manual
  bond-master bond1

  modprobe -r <Ipoib-nic-driver>

  
  [2]
  1533e77315220dc1d5ec3bd6d9fe32e2aa0a74c0
  net/bonding: Enforce active-backup policy for IPoIB bonds

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1668042/+subscriptions