Ubuntu
linux package

Avoid address overwrite in kernel_connect

  1. Lunar (23.04)
  2. Bug #2035163
Bug #2035163 reported by Khaled El Mously
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Unassigned
Focal
Fix Committed
Medium
Unassigned
Jammy
Fix Committed
Medium
Unassigned
Lunar
Fix Committed
Medium
Unassigned
linux-gcp (Ubuntu)
Status tracked in Mantic
Focal
Fix Released
Undecided
John Cabaj
Jammy
Fix Released
Undecided
John Cabaj
Lunar
Fix Released
Undecided
John Cabaj
Mantic
Fix Released
Undecided
Unassigned
linux-gke (Ubuntu)
Invalid
Undecided
Unassigned
Jammy
Fix Released
Undecided
John Cabaj
linux-gkeop (Ubuntu)
New
Undecided
Unassigned
Jammy
New
Undecided
Unassigned

Bug Description

This fix is requested to resolve an issue with NFS-backed mounts when used with BPF-load-balancing:

https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=0bdf399342c5

Testing:
 - GCP has confirmed the fix works before proposing it upstream. I have verified basic network sanity with fix applied.

Regression potenial:
 - The fix modifies kernel_connect() which can have an effect on all kinds of network connections. The change itself is very minor though and simply converts a pass-by-reference to a pass-by-value - so the risk is considered minimal.

More information at: https://canonical.lightning.force.com/lightning/r/Case/5008e00000HNldDAAT/view

See original description
Khaled El Mously (kmously)
no longer affects: linux (Ubuntu)
Khaled El Mously (kmously)
description: updated
Changed in linux-gcp (Ubuntu Focal):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp (Ubuntu Jammy):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp (Ubuntu Lunar):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp (Ubuntu Mantic):
assignee: nobody → Khaled El Mously (kmously)
Stefan Bader (smb)
Changed in linux-gke (Ubuntu Lunar):
status: New → Invalid
Changed in linux-gke (Ubuntu Mantic):
status: New → Invalid
Khaled El Mously (kmously)
no longer affects: linux-gke (Ubuntu Focal)
no longer affects: linux-gke (Ubuntu Mantic)
no longer affects: linux-gke (Ubuntu Lunar)
John Cabaj (john-cabaj)
Changed in linux-gcp (Ubuntu Focal):
status: New → Fix Committed
Changed in linux-gcp (Ubuntu Jammy):
status: New → Fix Committed
Changed in linux-gcp (Ubuntu Lunar):
status: New → Fix Committed
Changed in linux-gke (Ubuntu Jammy):
status: New → Fix Committed
Roxana Nicolescu (roxanan)
Changed in linux (Ubuntu):
status: New → Invalid
Roxana Nicolescu (roxanan)
no longer affects: linux-gcp (Ubuntu Focal)
no longer affects: linux-gcp (Ubuntu Lunar)
Changed in linux (Ubuntu Focal):
status: New → Fix Committed
Changed in linux (Ubuntu Jammy):
status: New → Fix Committed
Changed in linux (Ubuntu Lunar):
status: New → Fix Committed
Changed in linux-gcp (Ubuntu Focal):
status: New → Fix Committed
Changed in linux-gcp (Ubuntu Lunar):
status: New → Fix Committed
no longer affects: linux-gke (Ubuntu Focal)
no longer affects: linux-gke (Ubuntu Lunar)
Changed in linux-gcp (Ubuntu Mantic):
status: New → Fix Committed
status: Fix Committed → New
Changed in linux-gcp (Ubuntu Jammy):
assignee: Khaled El Mously (kmously) → nobody
Changed in linux-gcp (Ubuntu Mantic):
assignee: Khaled El Mously (kmously) → nobody
Changed in linux-gcp (Ubuntu Focal):
assignee: nobody → John Cabaj (john-cabaj)
Changed in linux-gcp (Ubuntu Jammy):
assignee: nobody → John Cabaj (john-cabaj)
Changed in linux-gcp (Ubuntu Lunar):
assignee: nobody → John Cabaj (john-cabaj)
Changed in linux-gke (Ubuntu Jammy):
assignee: nobody → John Cabaj (john-cabaj)
Stefan Bader (smb)
Changed in linux (Ubuntu Focal):
importance: Undecided → Medium
Changed in linux (Ubuntu Jammy):
importance: Undecided → Medium
Changed in linux (Ubuntu Lunar):
importance: Undecided → Medium
Revision history for this message
John Cabaj (john-cabaj) wrote :

Fix was tested by Google, and the relevant patch is in all releases of linux-gcp and linux-gke affected.

Changed in linux-gcp (Ubuntu Focal):
status: Fix Committed → Fix Released
Changed in linux-gcp (Ubuntu Jammy):
status: Fix Committed → Fix Released
Changed in linux-gcp (Ubuntu Lunar):
status: Fix Committed → Fix Released
Changed in linux-gcp (Ubuntu Mantic):
status: New → Fix Released
Changed in linux-gke (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 6.5.0-7.7

---------------
linux (6.5.0-7.7) mantic; urgency=medium

  * mantic/linux: 6.5.0-7.7 -proposed tracker (LP: #2037611)

  * kexec enable to load/kdump zstd compressed zimg (LP: #2037398)
    - [Packaging] Revert arm64 image format to Image.gz

  * Mantic minimized/minimal cloud images do not receive IP address during
    provisioning (LP: #2036968)
    - [Config] Enable virtio-net as built-in to avoid race

  * Miscellaneous Ubuntu changes
    - SAUCE: Add mdev_set_iommu_device() kABI
    - [Config] update gcc version in annotations

 -- Andrea Righi <email address hidden> Thu, 28 Sep 2023 10:19:24 +0200

Changed in linux (Ubuntu):
status: Invalid → Fix Released
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/5.15.0-88.98 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux' to 'verification-done-jammy-linux'. If the problem still exists, change the tag 'verification-needed-jammy-linux' to 'verification-failed-jammy-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-v2 verification-needed-jammy-linux
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/5.4.0-166.183 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux' to 'verification-done-focal-linux'. If the problem still exists, change the tag 'verification-needed-focal-linux' to 'verification-failed-focal-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-v2 verification-needed-focal-linux
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/6.2.0-36.37 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux' to 'verification-done-lunar-linux'. If the problem still exists, change the tag 'verification-needed-lunar-linux' to 'verification-failed-lunar-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-lunar-linux-v2 verification-needed-lunar-linux
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.