Yes, already queued by Eric Dumazet in all stable since report in April http://patchwork.ozlabs.org/patch/746618/
Yes, i did, but troubleshooting done and fix issued by Eric Dumazet. Also there is chance exist that someone used it for malicious purposes "in wild" at that moment, as it appeared at peak time on ISP, in specific network with many users, while exactly same setup on other locations didn't had this issue. That was reason to enable KASAN and to search for it. No CVE as far as i know, i just don't know how to do that. Not sure if Eric or netfilter developers (for example Pablo Neira Ayuso) filled anything. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1739765 Title: xt_TCPMSS buffer overflow bug Status in linux package in Ubuntu: Incomplete Bug description: Bug was reported in LKML here: https://lkml.org/lkml/2017/4/2/13 In few words - corrupted packet might be used to modify memory at router who has xt_TCPMSS used as iptables action. This is really nasty bug, and can be triggered remotely by malicious person on anything that usually use this iptables action (PPPoE/PPTP-enabled ISP or VPN provider, for example). This bug existed for several years, i guess. I waited for a while since April, as it's already pushed to stable, and probably all distributions have it updated, so now it's time to do bugreport, to make sure it is really fixed everywhere. Maybe worth to assign CVE for it? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
