From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:58704 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751948AbcEPVth (ORCPT ); Mon, 16 May 2016 17:49:37 -0400 Subject: Patch "atl2: Disable unimplemented scatter/gather feature" has been added to the 3.14-stable tree To: ben@decadent.org.uk, davem@davemloft.net, gregkh@linuxfoundation.org, jyackoski@crypto-nite.com Cc: , From: Date: Mon, 16 May 2016 14:49:12 -0700 Message-ID: <146343535224138@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled atl2: Disable unimplemented scatter/gather feature to the 3.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: atl2-disable-unimplemented-scatter-gather-feature.patch and it can be found in the queue-3.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From foo@baz Mon May 16 14:28:53 PDT 2016 From: Ben Hutchings Date: Wed, 20 Apr 2016 23:23:08 +0100 Subject: atl2: Disable unimplemented scatter/gather feature Status: RO Content-Length: 1547 Lines: 37 From: Ben Hutchings [ Upstream commit f43bfaeddc79effbf3d0fcb53ca477cca66f3db8 ] atl2 includes NETIF_F_SG in hw_features even though it has no support for non-linear skbs. This bug was originally harmless since the driver does not claim to implement checksum offload and that used to be a requirement for SG. Now that SG and checksum offload are independent features, if you explicitly enable SG *and* use one of the rare protocols that can use SG without checkusm offload, this potentially leaks sensitive information (before you notice that it just isn't working). Therefore this obscure bug has been designated CVE-2016-2117. Reported-by: Justin Yackoski Signed-off-by: Ben Hutchings Fixes: ec5f06156423 ("net: Kill link between CSUM and SG features.") Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/ethernet/atheros/atlx/atl2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/net/ethernet/atheros/atlx/atl2.c +++ b/drivers/net/ethernet/atheros/atlx/atl2.c @@ -1413,7 +1413,7 @@ static int atl2_probe(struct pci_dev *pd err = -EIO; - netdev->hw_features = NETIF_F_SG | NETIF_F_HW_VLAN_CTAG_RX; + netdev->hw_features = NETIF_F_HW_VLAN_CTAG_RX; netdev->features |= (NETIF_F_HW_VLAN_CTAG_TX | NETIF_F_HW_VLAN_CTAG_RX); /* Init PHY as early as possible due to power saving issue */ Patches currently in stable-queue which might be from ben@decadent.org.uk are queue-3.14/atl2-disable-unimplemented-scatter-gather-feature.patch