Backport RXRPC for 6.1.y from 6.2
Jeffrey Altman
jaltman at auristor.com
Sun May 10 13:50:10 PDT 2026
> On May 10, 2026, at 4:21 PM, Wentao Guan <guanwentao at uniontech.com> wrote:
>
>> Back porting many years of RXRPC feature changes to fix this
>> vulnerability if present
>> feels like the wrong thing to do. If the vulnerability is present, we
> I confirmed v6.1.70 is vulnerable with the poc, v6.1.172 not ok, I am doing
> some bisects to figure out which version vulnerable or just fix poc.
> FYI,[PATCH net v3] rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
> ... Fixes: d0d5c0cd1e71 ("rxrpc: Use skb_unshare() rather than skb_cow_data()")
> is in v5.3-rc7...:(, so it will affect 5.10.y 5.15.y 6.1.y than someone says >6.5 ver:(.
>> can try to find a
>
>> branch specific fix.
> I am glad to see it:).
>
> BRs
> Wentao Guan
v6.1.171 contains 5d55c7336f8032d434adcc5fab987ccc93a44aec
("xfrm: esp: avoid in-place decrypt on shared skb frags”) which prevents the esp4/esp6 variant.
If the POC fails with v6.1.171 then the RXRPC path is not vulnerable.
Thank you for your continued testing.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4120 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/linux-afs/attachments/20260510/335e7488/attachment-0001.p7s>
More information about the linux-afs
mailing list