On Fri, Oct 29, 2021 at 05:54:17PM +0300, Ovidiu Panait wrote: > The following commits are needed to fix CVE-2021-20322: > ipv4: > [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6457378fe796815c973f631a1904e147d6ee33b1 > [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67d6d681e15b578c1725bad8ad079e05d1c48a8e > > ipv6: > [3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4785305c05b25a242e5314cc821f54ade4c18810 > [4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a00df2caffed3883c341d5685f830434312e4a43 > > * Commit [2] is already present in 4.14 stable. > * Commits [3] and [4] are not needed in 4.14, as there is no exception hash > table implementation for ipv6 (it was introduced in 4.15 by commit > 35732d01fe31 ("ipv6: introduce a hash table to store dst cache")). > * Therefore, backport only commit [1] with minor context adjustments. > > Eric Dumazet (1): > ipv4: use siphash instead of Jenkins in fnhe_hashfun() > > net/ipv4/route.c | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) > Queued up, thanks! greg k-h
