Description
In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdp_umem_reg() could leave us with insufficient space dedicated to even receive minimum-sized ethernet frame. Furthermore if multi-buffer would come to play then skb_shared_info stored at the end of XSK frame would be corrupted. HW typically works with 128-aligned sizes so let us provide this value as bare minimum. Multi-buffer setting is known later in the configuration process so besides accounting for 128 bytes, let us also take care of tailroom space upfront.
Product status
99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (git) before a03975beb9f6af0d8ac051e30b2abeabe618414f
99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (git) before 0ec4d3f6e6934deb843b561ae048cd17218e5ad1
99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (git) before 9ea6ba4f3195dcba6e8b3e7b2e748593b7cafb12
99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (git) before 6523bc1b40e69301f24c14338b762af4739d6d39
99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (git) before a315e022a72d95ef5f1d4e58e903cb492b0ad931
ad8fb61c184fe0f8d1e0b5b954d010fb9f94a6ee (git)
25c9cdef57488578da21d99eb614b97ffcf6e59f (git)
98d3c852e63b49129515dd18c875999efaf8530a (git)
5.7
Any version before 5.7
6.6.136 (semver)
6.12.83 (semver)
6.18.24 (semver)
6.19.14 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/a03975beb9f6af0d8ac051e30b2abeabe618414f
git.kernel.org/...c/0ec4d3f6e6934deb843b561ae048cd17218e5ad1
git.kernel.org/...c/9ea6ba4f3195dcba6e8b3e7b2e748593b7cafb12
git.kernel.org/...c/6523bc1b40e69301f24c14338b762af4739d6d39
git.kernel.org/...c/a315e022a72d95ef5f1d4e58e903cb492b0ad931