On Thu, 21 Oct 2021 22:45:37 -0300 Marcelo Ricardo Leitner wrote: > On Wed, Oct 20, 2021 at 07:42:40AM -0400, Xin Long wrote: > > This patchset is to address CVE-2021-3772: > > > > A flaw was found in the Linux SCTP stack. A blind attacker may be able to > > kill an existing SCTP association through invalid chunks if the attacker > > knows the IP-addresses and port numbers being used and the attacker can > > send packets with spoofed IP addresses. > > > > This is caused by the missing VTAG verification for the received chunks > > and the incorrect vtag for the ABORT used to reply to these invalid > > chunks. > > > > This patchset is to go over all processing functions for the received > > chunks and do: > > > ... > > > > This patch series has been tested with SCTP TAHI testing to make sure no > > regression caused on protocol conformance. > > Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> Applied, thanks.
