On Fri, Mar 28, 2025 at 10:50:05PM +0100, Ben Hutchings wrote:
On Tue, 2025-03-11 at 16:02 +0100, Greg Kroah-Hartman wrote:
5.10-stable review patch. If anyone has any objections, please let me know.
From: Jakub Kicinski kuba@kernel.org
commit c71a192976ded2f2f416d03c4f595cdd4478b825 upstream.
dst_cache_get() gives us a reference, we need to release it.
Discovered by the ioam6.sh test, kmemleak was recently fixed to catch per-cpu memory leaks.
Fixes: 985ec6f5e623 ("net: ipv6: rpl_iptunnel: mitigate 2-realloc issue")
The 5.10 branch does not include backports of:
Fixes: 40475b63761a ("net: ipv6: seg6_iptunnel: mitigate 2-realloc issue") Fixes: dce525185bc9 ("net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue")
so the changes this makes to seg6_iptunnel.c are incorrect and appear to introduce a UAF.
Ick. Should I just revert it?
thanks,
greg k-h