From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from wtarreau.pck.nerim.net ([62.212.114.60]:48896 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750879AbcHSFTg (ORCPT ); Fri, 19 Aug 2016 01:19:36 -0400 Date: Fri, 19 Aug 2016 07:19:22 +0200 From: Willy Tarreau To: mancha security Cc: stable@vger.kernel.org, jslaby@suse.cz, edumazet@google.com Subject: Re: [PATCH 3.10.x/3.12.x] net: challenge ACK side-channel attack mitigation (CVE-2016-5696) Message-ID: <20160819051922.GF17944@1wt.eu> References: <20160818223339.GA7217@zoho.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160818223339.GA7217@zoho.com> Sender: stable-owner@vger.kernel.org List-ID: Hi, On Thu, Aug 18, 2016 at 10:33:39PM +0000, mancha security wrote: > Hello. > > Recently Yue Cao et al. published findings related to a side-channel > vulnerability in Linux's RFC 5961 TCP challenge ACK implementation in > kernels 3.6+. > > They find the vulnerability can be leveraged by off-path attackers to > trigger connection terminations or data injection. [1] > > The attached backported mitigation for use with 3.10.x (applies cleanly > to 3.10.102) is based on Eric Dumazet's (& Linus Torvalds') mainline > patch. [2] > > I submit it for your consideration for inclusion in 3.10.103. > > Additionally, it is sufficiently self-contained so it likely can be used > with 3.12.x. That's very kind of you, but Chas Williams already provided us with this backport. I hope to be able to work on 3.10.103 this week-end. Thanks! Willy