summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJustin M. Forbes <jforbes@fedoraproject.org>2020-10-01 12:40:20 -0500
committerJustin M. Forbes <jforbes@fedoraproject.org>2020-10-01 12:40:20 -0500
commita87a3d19a025cda444a85789015a11b5c87ebff8 (patch)
tree60f871e49142e12d07cff5cbcee38605f1e9b0fe
parent323f25a1ee143ada66a7d533790b76a9f830cefb (diff)
downloadkernel-a87a3d19a025cda444a85789015a11b5c87ebff8.tar.gz
kernel-a87a3d19a025cda444a85789015a11b5c87ebff8.tar.xz
kernel-a87a3d19a025cda444a85789015a11b5c87ebff8.zip
Linux v5.8.13
Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
-rw-r--r--kernel.spec8
-rw-r--r--netfilter-ctnetlink-add-range-check-for-l3-l4-protonum.patch63
-rw-r--r--sources2
3 files changed, 5 insertions, 68 deletions
diff --git a/kernel.spec b/kernel.spec
index d38bd13b0..c7e9785e2 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -89,7 +89,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
-%define stable_update 12
+%define stable_update 13
# Set rpm version accordingly
%if 0%{?stable_update}
%define stablerev %{stable_update}
@@ -866,9 +866,6 @@ Patch107: 0001-drivers-perf-xgene_pmu-Fix-uninitialized-resource-st.patch
Patch110: memory-tegra-Remove-GPU-from-DRM-IOMMU-group.patch
-# CVE-2020-25211 rhbz 1877571 1877572
-Patch111: netfilter-ctnetlink-add-range-check-for-l3-l4-protonum.patch
-
# rhbz 1873720
Patch112: v2-nfs-Fix-security-label-length-not-being-reset.patch
@@ -2988,6 +2985,9 @@ fi
#
#
%changelog
+* Thu Oct 1 12:09:18 CDT 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.8.13-100
+- Linux v5.8.13
+
* Mon Sep 28 06:49:03 CDT 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.8.12-100
- Linux v5.8.12
diff --git a/netfilter-ctnetlink-add-range-check-for-l3-l4-protonum.patch b/netfilter-ctnetlink-add-range-check-for-l3-l4-protonum.patch
deleted file mode 100644
index 5e3901440..000000000
--- a/netfilter-ctnetlink-add-range-check-for-l3-l4-protonum.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6 Mon Sep 17 00:00:00 2001
-From: Will McVicker <willmcvicker@google.com>
-Date: Mon, 24 Aug 2020 19:38:32 +0000
-Subject: netfilter: ctnetlink: add a range check for l3/l4 protonum
-
-The indexes to the nf_nat_l[34]protos arrays come from userspace. So
-check the tuple's family, e.g. l3num, when creating the conntrack in
-order to prevent an OOB memory access during setup. Here is an example
-kernel panic on 4.14.180 when userspace passes in an index greater than
-NFPROTO_NUMPROTO.
-
-Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
-Modules linked in:...
-Process poc (pid: 5614, stack limit = 0x00000000a3933121)
-CPU: 4 PID: 5614 Comm: poc Tainted: G S W O 4.14.180-g051355490483
-Hardware name: Qualcomm Technologies, Inc. SM8150 V2 PM8150 Google Inc. MSM
-task: 000000002a3dfffe task.stack: 00000000a3933121
-pc : __cfi_check_fail+0x1c/0x24
-lr : __cfi_check_fail+0x1c/0x24
-...
-Call trace:
-__cfi_check_fail+0x1c/0x24
-name_to_dev_t+0x0/0x468
-nfnetlink_parse_nat_setup+0x234/0x258
-ctnetlink_parse_nat_setup+0x4c/0x228
-ctnetlink_new_conntrack+0x590/0xc40
-nfnetlink_rcv_msg+0x31c/0x4d4
-netlink_rcv_skb+0x100/0x184
-nfnetlink_rcv+0xf4/0x180
-netlink_unicast+0x360/0x770
-netlink_sendmsg+0x5a0/0x6a4
-___sys_sendmsg+0x314/0x46c
-SyS_sendmsg+0xb4/0x108
-el0_svc_naked+0x34/0x38
-
-This crash is not happening since 5.4+, however, ctnetlink still
-allows for creating entries with unsupported layer 3 protocol number.
-
-Fixes: c1d10adb4a521 ("[NETFILTER]: Add ctnetlink port for nf_conntrack")
-Signed-off-by: Will McVicker <willmcvicker@google.com>
-[pablo@netfilter.org: rebased original patch on top of nf.git]
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
- net/netfilter/nf_conntrack_netlink.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
-index 832eabecfbddc..d65846aa80591 100644
---- a/net/netfilter/nf_conntrack_netlink.c
-+++ b/net/netfilter/nf_conntrack_netlink.c
-@@ -1404,7 +1404,8 @@ ctnetlink_parse_tuple_filter(const struct nlattr * const cda[],
- if (err < 0)
- return err;
-
--
-+ if (l3num != NFPROTO_IPV4 && l3num != NFPROTO_IPV6)
-+ return -EOPNOTSUPP;
- tuple->src.l3num = l3num;
-
- if (flags & CTA_FILTER_FLAG(CTA_IP_DST) ||
---
-cgit 1.2.3-1.el7
-
diff --git a/sources b/sources
index bc4c855ca..7015594b4 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
SHA512 (linux-5.8.tar.xz) = 19c8694bda4533464877e2d976aca95f48c2c40c11efcc1dce0ca91cc5f9826110e277c7de2a49ff99af8ae1c76e275b7c463abf71fbf410956d63066dc4ee53
-SHA512 (patch-5.8.12.xz) = 46aaf68e7771376688401736b8f36cbfa32e0cf2bbaeeeeaaaed0e9c44e62b427db912397f04415e65981eb801f9a23384503e3f005c1bf34d96bdfe39460b06
+SHA512 (patch-5.8.13.xz) = 4686b149cde34dae709a806b283724a970a2a8ce3b5bc858c160618c756ce3d6dd5628d9e91117a682dc011a68ef23cc3e9c16fbce4ff3537d919201a432ade8