Re: CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()

From: Greg Kroah-Hartman
Date: Mon Jun 17 2024 - 07:31:23 EST

Next message: Jiri Pirko: "Re: [PATCH net v3] Fix race for duplicate reqsk on identical SYN"
Previous message: Sebastian Reichel: "Re: [PATCH v6 4/6] media: hantro: Add RK3588 VEPU121"
In reply to: Michal Hocko: "Re: CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()"
Next in thread: Michal Hocko: "Re: CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jun 17, 2024 at 01:28:05PM +0200, Michal Hocko wrote:
> On Thu 06-06-24 10:03:59, Michal Hocko wrote:
> > Hi,
> > what is the actual security threat here? As far as I can see, the
> > problem that the commit requested here addresses seems to be rather
> > functional, rather than responding to an unexpected packet options with
> > a reset, we actually establish a connection with some garbage parameters
> > (likely unpredictable). Which is unfortunate but I do not see any
> > security implications.
>
> Does the silence mean that there are no actual security implications
> here?

Sorry, no, I was traveling and am still trying to catch up with the
pending queue. Should get to it later today or tomorrow, sorry for the
delay.

greg k-h

Next message: Jiri Pirko: "Re: [PATCH net v3] Fix race for duplicate reqsk on identical SYN"
Previous message: Sebastian Reichel: "Re: [PATCH v6 4/6] media: hantro: Add RK3588 VEPU121"
In reply to: Michal Hocko: "Re: CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()"
Next in thread: Michal Hocko: "Re: CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]