]> git.baikalelectronics.ru Git - kernel.git/commit
atl2: Disable unimplemented scatter/gather feature
authorBen Hutchings <ben@decadent.org.uk>
Wed, 20 Apr 2016 22:23:08 +0000 (23:23 +0100)
committerDavid S. Miller <davem@davemloft.net>
Thu, 21 Apr 2016 19:12:23 +0000 (15:12 -0400)
commit7c70abd1c96baa022e8968237d4605edc8924d5c
treef554d69becc4963d409eb153ababd1c89c5d255c
parentcfb0b0fdcd0f9a7c99d4380d0a8c7eb516169e4c
atl2: Disable unimplemented scatter/gather feature

atl2 includes NETIF_F_SG in hw_features even though it has no support
for non-linear skbs.  This bug was originally harmless since the
driver does not claim to implement checksum offload and that used to
be a requirement for SG.

Now that SG and checksum offload are independent features, if you
explicitly enable SG *and* use one of the rare protocols that can use
SG without checkusm offload, this potentially leaks sensitive
information (before you notice that it just isn't working).  Therefore
this obscure bug has been designated CVE-2016-2117.

Reported-by: Justin Yackoski <jyackoski@crypto-nite.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Fixes: 0568564d1b16 ("net: Kill link between CSUM and SG features.")
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/ethernet/atheros/atlx/atl2.c