ipv6: fix neighbour resolution with raw socket
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Kamal Mostafa | ||
Bionic |
Fix Released
|
Medium
|
Unassigned | ||
Disco |
Fix Released
|
Medium
|
Kamal Mostafa |
Bug Description
[SRU Justification]
== Impact ==
IPv6 packets may be dropped during the neighbor resolution when a
userspace program uses IPv6 raw sockets. The commit that introduces
this bug has not been identified, but it's here at least from Xenial (4.4).
This was fixed in the requested backport (from 5.2).
== Fix ==
Backport the requested patches to Disco (5.0), Bionic (4.15) and
Xenial (4.4).
== Risk of Regregression ==
The change slightly modifies the target IPv6 address in neighbor
resolution engine. Risk should be low and limited to ipv6.
---
With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches:
9b1c1ef13b35 ipv6: constify rt6_nexthop()
2c6b55f45d53 ipv6: fix neighbour resolution with raw socket
https:/
https:/
The detail of the bug is explained in the second patch.
CVE References
Changed in linux (Ubuntu Disco): | |
status: | New → In Progress |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
Changed in linux (Ubuntu): | |
status: | Incomplete → In Progress |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
description: | updated |
Changed in linux (Ubuntu Disco): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Disco): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Bionic): | |
status: | New → Fix Committed |
Changed in linux (Ubuntu): | |
status: | In Progress → Fix Released |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1834465
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.