Ubuntu
linux package

skb -> ip_summed == CHECKSUM_NONE creates corrupt packets

Bug #1547207 reported by bugproxy
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Tim Gardner
Precise
Fix Released
Undecided
Tim Gardner
Trusty
Fix Released
Undecided
Unassigned
Vivid
Fix Released
Undecided
Unassigned
Wily
Fix Released
Undecided
Unassigned
Xenial
Fix Released
Undecided
Tim Gardner

Bug Description

Canonical, Please apply.

Release: all
Arch: all

Original discussion here: http://www.gossamer-threads.com/lists/linux/kernel/2329960

Signed off patch here: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce8c839b74e3017996fad4e1b7ba2e2625ede82f

CVE References

Revision history for this message
bugproxy (bugproxy) wrote : Patch from kernel.org

Default Comment by Bridge

tags: added: architecture-all bugnameltc-137501 severity-medium targetmilestone-inin---
Changed in ubuntu:
assignee: nobody → Taco Screen team (taco-screen-team)
Kevin W. Rudd (kevinr)
affects: ubuntu → linux (Ubuntu)
Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Xenial):
status: New → Fix Released
assignee: Taco Screen team (taco-screen-team) → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Wily):
status: New → Fix Released
Changed in linux (Ubuntu Vivid):
status: New → Fix Released
Changed in linux (Ubuntu Trusty):
status: New → Fix Released
Changed in linux (Ubuntu Precise):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → In Progress
bugproxy (bugproxy)
tags: added: targetmilestone-inin1510
removed: targetmilestone-inin---
Brad Figg (brad-figg)
Changed in linux (Ubuntu Precise):
status: In Progress → Fix Committed
Revision history for this message
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-precise' to 'verification-done-precise'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-precise
bugproxy (bugproxy)
tags: removed: verification-needed-precise
Kevin W. Rudd (kevinr)
tags: added: verification-done-precise
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2016-03-01 10:02 EDT-------
(In reply to comment #11)
> I have validated and tested this patch. I verified this patch will no longer
> allow the veth device to send corrupt data to applications.

tags: removed: verification-done-precise
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.2.0-101.141

---------------
linux (3.2.0-101.141) precise; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1555809

  [ Florian Westphal ]

  * SAUCE: [nf,v2] netfilter: x_tables: don't rely on well-behaving
    userspace
    - LP: #1555338

linux (3.2.0-100.140) precise; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1548504

  [ Upstream Kernel Changes ]

  * veth: don’t modify ip_summed; doing so treats packets with bad
    checksums as good.
    - LP: #1547207
  * ALSA: usb-audio: avoid freeing umidi object twice
    - LP: #1546177
    - CVE-2016-2384

 -- Brad Figg <email address hidden> Thu, 10 Mar 2016 13:05:32 -0800

Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.