kernel-packages team mailing list archive

Thread
Date
[Bug 1568969] Re: FDB table grows out of control

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1568969@xxxxxxxxxxxxxxxxxx>
Date: Mon, 27 Jun 2016 19:04:21 -0000
Reply-to: Bug 1568969 <1568969@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 3.13.0-91.138

---------------
linux (3.13.0-91.138) trusty; urgency=medium

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1595991

  [ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.13.0-90.137) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1595693

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (3.13.0-89.136) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591315

  [ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

  [ Stefan Bader ]

  * SAUCE: powerpc/powernv: Fix incomplete backport of 8117ac6
    - LP: #1589910

  [ Tim Gardner ]

  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

  [ Upstream Kernel Changes ]

  * KVM: x86: move steal time initialization to vcpu entry time
    - LP: #1494350
  * lpfc: Fix premature release of rpi bit in bitmask
    - LP: #1580560
  * lpfc: Correct loss of target discovery after cable swap.
    - LP: #1580560
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * bridge: Fix the way to find old local fdb entries in br_fdb_changeaddr
    - LP: #1581585
  * bridge: notify user space after fdb update
    - LP: #1581585
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * netfilter: Set /proc/net entries owner to root in namespace
    - LP: #1584953
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565
  * netlink: autosize skb lengthes
    - LP: #1568969
  * xfs: allow inode allocations in post-growfs disk space
    - LP: #1560142

 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>  Fri, 24 Jun 2016
16:19:03 +0100

** Changed in: linux (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3134

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4482

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4565

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4569

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4578

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4580

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4913

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1568969

Title:
  FDB table grows out of control

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Vivid:
  Fix Released
Status in linux source package in Wily:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Released

Bug description:
  The forwarding database (FDB) grows out of control after too many broadcast entries are entered under the same interface.
  I've written a test script to reproduce the bug here using virtual box:
  https://github.com/dlevy-ibm/fdb_bug

  Also filed here: https://bugzilla.kernel.org/show_bug.cgi?id=116141

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: linux-image-3.13.0-83-generic 3.13.0-83.127
  ProcVersionSignature: Ubuntu 3.13.0-83.127-generic 3.13.11-ckt35
  Uname: Linux 3.13.0-83-generic x86_64
  AlsaDevices:
   total 0
   crw-rw---- 1 root audio 116,  1 Apr 11 16:36 seq
   crw-rw---- 1 root audio 116, 33 Apr 11 16:36 timer
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
  CRDA: Error: [Errno 2] No such file or directory: 'iw'
  Date: Mon Apr 11 16:45:55 2016
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
  Lsusb: Error: command ['lsusb'] failed with exit code 1: unable to initialize libusb: -99
  MachineType: innotek GmbH VirtualBox
  PciMultimedia:
   
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB:
   
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-83-generic root=UUID=a742ba82-8430-4d30-b747-99c9c9af3168 ro console=tty1 console=ttyS0
  RelatedPackageVersions:
   linux-restricted-modules-3.13.0-83-generic N/A
   linux-backports-modules-3.13.0-83-generic  N/A
   linux-firmware                             N/A
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 12/01/2006
  dmi.bios.vendor: innotek GmbH
  dmi.bios.version: VirtualBox
  dmi.board.name: VirtualBox
  dmi.board.vendor: Oracle Corporation
  dmi.board.version: 1.2
  dmi.chassis.type: 1
  dmi.chassis.vendor: Oracle Corporation
  dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
  dmi.product.name: VirtualBox
  dmi.product.version: 1.2
  dmi.sys.vendor: innotek GmbH

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1568969/+subscriptions
References

[Bug 1568969] [NEW] FDB table grows out of control
From: Daniel, 2016-04-11