Backport RXRPC for 6.1.y from 6.2
Jeffrey E Altman
jaltman at auristor.com
Sun May 10 11:38:26 PDT 2026
On 5/10/2026 2:26 PM, Wentao Guan wrote:
>> I cannot easily check but it doesn't look like 6.1.179 is vulnerable to
> 6.1.179-> seem 6.1.172
>> CVE-2026-43500.
> FYI, to reproduce it, just runing a POC with CONFIG_AF_RXRPC + CONFIG_RXKAD,
> i am sure without CONFIG_RXKAD it is not affected in v6.1.172 with my test.
> POC: https://github.com/V4bel/dirtyfrag/blob/master/exp.c
> (run it with '--force-rxrpc' or remove CONFIG_INET_ESP)
RXRPC and RXKAD would be required to reproduce. The POC does not
attempt to try
the RXRPC case if the ESP case succeeds. So the ESP case must be
patched first or
disabled.
>> Please check.
> I will recheck it, i do many tests these days so I am 100% sure now,
> i will reply when i finish my tests with 6.1.172.
>
>> Please check.
> I am sure that some 5.10 or 6.1 version are vulnerable with our tests.
>
> BRs
> Wentao Guan
Back porting many years of RXRPC feature changes to fix this
vulnerability if present
feels like the wrong thing to do. If the vulnerability is present, we
can try to find a
branch specific fix.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4467 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/linux-afs/attachments/20260510/31707ccf/attachment-0001.p7s>
More information about the linux-afs
mailing list