UBSAN: shift-out-of-bounds in /var/lib/dkms/ipt-netflow/2.6/build/ipt_NETFLOW.c:4853:13

Bug #1996422 reported by Sanyasi
This bug affects 1 person
Affects: iptables-netflow (Ubuntu); Status: New; Importance: Undecided; Assigned to: Unassigned; Milestone: none

Bug Description

iptables-netflow-dkms 2.6-2ubuntu1
5.15.0-52-generic

modprobe ipt_NETFLOW protocol=9 natevents=1
sysctl net.netflow.destination=192.168.1.1:9996

2022-11-11 21:22:27 kernel:[39827.911647] ================================================================================
2022-11-11 21:22:27 kernel:[39827.911652] UBSAN: shift-out-of-bounds in /var/lib/dkms/ipt-netflow/2.6/build/ipt_NETFLOW.c:4853:13
2022-11-11 21:22:27 kernel:[39827.911656] shift exponent 32 is too large for 32-bit type 'int'
2022-11-11 21:22:27 kernel:[39827.911658] CPU: 4 PID: 0 Comm: swapper/4 Tainted: G OE 5.15.0-52-generic #58-Ubuntu
2022-11-11 21:22:27 kernel:[39827.911660] Hardware name: Gigabyte Technology Co., Ltd. B560 HD3/B560 HD3, BIOS F10 11/03/2021
2022-11-11 21:22:27 kernel:[39827.911660] Call Trace:
2022-11-11 21:22:27 kernel:[39827.911662] <IRQ>
2022-11-11 21:22:27 kernel:[39827.911663] show_stack+0x52/0x5c
2022-11-11 21:22:27 kernel:[39827.911666] dump_stack_lvl+0x4a/0x63
2022-11-11 21:22:27 kernel:[39827.911669] dump_stack+0x10/0x16
2022-11-11 21:22:27 kernel:[39827.911670] ubsan_epilogue+0x9/0x49
2022-11-11 21:22:27 kernel:[39827.911672] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xef
2022-11-11 21:22:27 kernel:[39827.911673] ? dequeue_skb+0x86/0x500
2022-11-11 21:22:27 kernel:[39827.911677] netflow_target.cold+0x34/0x46 [ipt_NETFLOW]
2022-11-11 21:22:27 kernel:[39827.911682] ? ratelimit_mt+0x237/0x3f0 [xt_ratelimit]
2022-11-11 21:22:27 kernel:[39827.911685] nft_target_eval_xt+0x5e/0xa0 [nft_compat]
2022-11-11 21:22:27 kernel:[39827.911687] nft_do_chain+0x169/0x600 [nf_tables]
2022-11-11 21:22:27 kernel:[39827.911692] ? __mkroute_input+0x141/0x390
2022-11-11 21:22:27 kernel:[39827.911694] ? ip_route_input_slow+0x807/0xa10
2022-11-11 21:22:27 kernel:[39827.911695] ? nf_nat_manip_pkt+0x98/0xb0 [nf_nat]
2022-11-11 21:22:27 kernel:[39827.911698] nft_do_chain_ipv4+0x65/0x80 [nf_tables]
2022-11-11 21:22:27 kernel:[39827.911703] nf_hook_slow+0x41/0xc0
2022-11-11 21:22:27 kernel:[39827.911704] ip_forward+0x4dc/0x550
2022-11-11 21:22:27 kernel:[39827.911706] ? ipv4_mtu+0x52/0xa0
2022-11-11 21:22:27 kernel:[39827.911707] ? ip_expire+0x1a0/0x1a0
2022-11-11 21:22:27 kernel:[39827.911708] ip_sublist_rcv_finish+0x6f/0x80
2022-11-11 21:22:27 kernel:[39827.911710] ip_sublist_rcv+0x17c/0x200
2022-11-11 21:22:27 kernel:[39827.911711] ? ip_sublist_rcv+0x200/0x200
2022-11-11 21:22:27 kernel:[39827.911713] ip_list_rcv+0xf9/0x120
2022-11-11 21:22:27 kernel:[39827.911714] __netif_receive_skb_list_core+0x218/0x240
2022-11-11 21:22:27 kernel:[39827.911716] netif_receive_skb_list_internal+0x18e/0x2a0
2022-11-11 21:22:27 kernel:[39827.911717] napi_complete_done+0x7a/0x1c0
2022-11-11 21:22:27 kernel:[39827.911719] ixgbe_poll+0x124/0x260 [ixgbe]
2022-11-11 21:22:27 kernel:[39827.911726] __napi_poll+0x30/0x190
2022-11-11 21:22:27 kernel:[39827.911727] net_rx_action+0x126/0x280
2022-11-11 21:22:27 kernel:[39827.911728] __do_softirq+0xd6/0x2e7
2022-11-11 21:22:27 kernel:[39827.911730] irq_exit_rcu+0x94/0xc0
2022-11-11 21:22:27 kernel:[39827.911732] common_interrupt+0x8e/0xa0
2022-11-11 21:22:27 kernel:[39827.911734] </IRQ>
2022-11-11 21:22:27 kernel:[39827.911734] <TASK>
2022-11-11 21:22:27 kernel:[39827.911735] asm_common_interrupt+0x26/0x40
2022-11-11 21:22:27 kernel:[39827.911737] RIP: 0010:cpu_idle_poll.isra.0+0x33/0xd0
2022-11-11 21:22:27 kernel:[39827.911739] Code: 53 65 8b 15 37 c7 a6 56 66 90 e8 f8 01 3b ff fb 66 0f 1f 44 00 00 65 48 8b 1c 25 c0 fb 01 00 48 8b 03 a8 08 74 0b eb 1c f3 90 <48> 8b 03 a8 08 75 13 8b 05 70 c8 48 01 85 c0 75 ed e8 17 a1 3d ff
2022-11-11 21:22:27 kernel:[39827.911740] RSP: 0018:ffffb588c0163ed8 EFLAGS: 00000202
2022-11-11 21:22:27 kernel:[39827.911742] RAX: 0000000000000001 RBX: ffff97e500826000 RCX: 0000000000000000
2022-11-11 21:22:27 kernel:[39827.911743] RDX: 000000000267f157 RSI: 0000000000000000 RDI: 000000000267f158
2022-11-11 21:22:27 kernel:[39827.911743] RBP: ffffb588c0163ee0 R08: 00002439285d8d7c R09: 0000000000000000
2022-11-11 21:22:27 kernel:[39827.911744] R10: 0000000000000000 R11: 0000000000000000 R12: ffff97e500826000
2022-11-11 21:22:27 kernel:[39827.911745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
2022-11-11 21:22:27 kernel:[39827.911746] ? cpu_idle_poll.isra.0+0x18/0xd0
2022-11-11 21:22:27 kernel:[39827.911747] do_idle+0x45/0xf0
2022-11-11 21:22:27 kernel:[39827.911748] cpu_startup_entry+0x20/0x30
2022-11-11 21:22:27 kernel:[39827.911749] start_secondary+0x12a/0x180
2022-11-11 21:22:27 kernel:[39827.911751] secondary_startup_64_no_verify+0xc2/0xcb
2022-11-11 21:22:27 kernel:[39827.911753] </TASK>
2022-11-11 21:22:27 kernel:[39827.911754] ================================================================================

The project git has more edits regarding 5.15. But that version has the same problem.
