[PATCH 5.4 0/2] ipv4/ipv6: backport fixes for CVE-2021-20322

From: Ovidiu Panait
Date: Thu Oct 28 2021 - 13:44:42 EST


The following commits are needed to fix CVE-2021-20322:
ipv4:
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6457378fe796815c973f631a1904e147d6ee33b1
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67d6d681e15b578c1725bad8ad079e05d1c48a8e

ipv6:
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4785305c05b25a242e5314cc821f54ade4c18810
[4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a00df2caffed3883c341d5685f830434312e4a43

Commits [2] and [4] are already present in 5.4 stable, so backport the
remaining two fixes with minor context adjustments.

Eric Dumazet (2):
ipv6: use siphash in rt6_exception_hash()
ipv4: use siphash instead of Jenkins in fnhe_hashfun()

net/ipv4/route.c | 12 ++++++------
net/ipv6/route.c | 20 ++++++++++++++------
2 files changed, 20 insertions(+), 12 deletions(-)

--
2.25.1