On 4/19/21 10:52 AM, Kasper Dupont wrote: > On 19/04/21 10.10, David Ahern wrote: >> On 4/19/21 9:44 AM, Kasper Dupont wrote: >>> >>> Is there any update regarding this change? >>> >>> I noticed this regression when it was used in a DoS attack on one of >>> my servers which I had upgraded from Ubuntu 18.04 to 20.04. >>> >>> I have verified that Ubuntu 18.04 is not subject to this attack and >>> Ubuntu 20.04 is vulnerable. I have also verified that the one-line >>> change which Cascardo has provided fixes the vulnerability on Ubuntu >>> 20.04. >>> >> >> your testing included both patches or just this one? > > I applied only this one line change on top of the kernel in Ubuntu > 20.04. The behavior I observed was that without the patch the kernel > was vulnerable and with that patch I was unable to reproduce the > problem.
This patch should be re-submitted standalone for -net > > The other longer patch is for a different issue which Cascardo > discovered while working on the one I had reported. I don't have an > environment set up where I can reproduce the issue addressed by that > larger patch. > The first patch is the one I have concerns about.
