From: Jeffrey E Altman <jaltman@auristor.com>
To: Wentao Guan <guanwentao@uniontech.com>
Cc: dhowells@redhat.com, gregkh@linuxfoundation.org,
horms@kernel.org, kuba@kernel.org, linux-afs@lists.infradead.org,
marc.dionne@auristor.com, sashal@kernel.org, stable@kernel.org,
stable@vger.kernel.org
Subject: Re: Backport RXRPC for 6.1.y from 6.2
Date: Sun, 10 May 2026 14:38:26 -0400 [thread overview]
Message-ID: <379c4dcb-11ac-43fc-a539-6cb5de9eef3a@auristor.com> (raw)
In-Reply-To: <20260510182646.267145-1-guanwentao@uniontech.com>
[-- Attachment #1: Type: text/plain, Size: 1125 bytes --]
On 5/10/2026 2:26 PM, Wentao Guan wrote:
>> I cannot easily check but it doesn't look like 6.1.179 is vulnerable to
> 6.1.179-> seem 6.1.172
>> CVE-2026-43500.
> FYI, to reproduce it, just runing a POC with CONFIG_AF_RXRPC + CONFIG_RXKAD,
> i am sure without CONFIG_RXKAD it is not affected in v6.1.172 with my test.
> POC: https://github.com/V4bel/dirtyfrag/blob/master/exp.c
> (run it with '--force-rxrpc' or remove CONFIG_INET_ESP)
RXRPC and RXKAD would be required to reproduce. The POC does not
attempt to try
the RXRPC case if the ESP case succeeds. So the ESP case must be
patched first or
disabled.
>> Please check.
> I will recheck it, i do many tests these days so I am 100% sure now,
> i will reply when i finish my tests with 6.1.172.
>
>> Please check.
> I am sure that some 5.10 or 6.1 version are vulnerable with our tests.
>
> BRs
> Wentao Guan
Back porting many years of RXRPC feature changes to fix this
vulnerability if present
feels like the wrong thing to do. If the vulnerability is present, we
can try to find a
branch specific fix.
Jeffrey Altman
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4467 bytes --]
next prev parent reply other threads:[~2026-05-10 18:38 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-01 12:07 FAILED: patch "[PATCH] rxrpc: Fix conn-level packet handling to unshare RESPONSE" failed to apply to 6.6-stable tree gregkh
2026-05-03 14:33 ` [PATCH 6.6.y] rxrpc: Fix conn-level packet handling to unshare RESPONSE packets Sasha Levin
2026-05-08 8:31 ` [PATCH RFC 6.6] rxrpc: Fix potential UAF after skb_unshare() failure Wentao Guan
2026-05-08 8:57 ` Greg KH
2026-05-08 9:38 ` Wentao Guan
2026-05-08 21:11 ` Sasha Levin
2026-05-09 20:01 ` Backport RXRPC for 6.1.y from 6.2 Wentao Guan
2026-05-10 16:17 ` Greg KH
2026-05-10 16:36 ` Wentao Guan
2026-05-10 16:43 ` Greg KH
2026-05-10 17:25 ` Jeffrey E Altman
2026-05-10 17:41 ` Wentao Guan
2026-05-10 18:04 ` Jeffrey E Altman
2026-05-10 18:26 ` Wentao Guan
2026-05-10 18:38 ` Jeffrey E Altman [this message]
2026-05-10 20:21 ` Wentao Guan
2026-05-10 20:50 ` Jeffrey Altman
2026-05-10 21:47 ` Wentao Guan
2026-05-10 22:30 ` Wentao Guan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=379c4dcb-11ac-43fc-a539-6cb5de9eef3a@auristor.com \
--to=jaltman@auristor.com \
--cc=dhowells@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=guanwentao@uniontech.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=marc.dionne@auristor.com \
--cc=sashal@kernel.org \
--cc=stable@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox