TomyLobo/kerneldance.json Secret

## kerneldance.json


{
 "commit": "2c02d41d71f90a5168391b6a5f2954112ba2307c",
 "details": [
  "net/ulp: prevent ULP without clone op from entering the LISTEN status",
  "",
  "When an ULP-enabled socket enters the LISTEN status, the listener ULP data",
  "pointer is copied inside the child/accepted sockets by sk_clone_lock().",
  "",
  "The relevant ULP can take care of de-duplicating the context pointer via",
  "the clone() operation, but only MPTCP and SMC implement such op.",
  "",
  "Other ULPs may end-up with a double-free at socket disposal time.",
  "",
  "We can't simply clear the ULP data at clone time, as TLS replaces the",
  "socket ops with custom ones assuming a valid TLS ULP context is",
  "available.",
  "",
  "Instead completely prevent clone-less ULP sockets from entering the",
  "LISTEN status.",
  "",
  "Fixes: 734942cc4ea6 (\"tcp: ULP infrastructure\")",
  "Reported-by: slipper <slipper.alive@gmail.com>",
  "Signed-off-by: Paolo Abeni <pabeni@redhat.com>",
  "Link: https://lore.kernel.org/r/4b80c3d1dbe3d0ab072f80450c202d9bc88b4b03.1672740602.git.pabeni@redhat.com",
  "Signed-off-by: Jakub Kicinski <kuba@kernel.org>"
 ],
 "the commit landed on upstream on": [
  {
   "tags": "tags/v6.2-rc3~23^2~2"
  }
 ],
 "the commit is a backport of": [],
 "the commit was backported to": [
  {
   "tags": "tags/v4.19.270~42",
   "commit": "755193f2523ce5157c2f844a4b6d16b95593f830"
  },
  {
   "tags": "tags/v6.1.5~56",
   "commit": "7d242f4a0c8319821548c7176c09a6e0e71f223c"
  },
  {
   "tags": "tags/v4.14.303~11",
   "commit": "b689125d04949841337dfa730d48dd91ada9ce3a"
  },
  {
   "tags": "tags/v6.0.19~50",
   "commit": "c1b5dee463cc1e89cfa655d6beff81ec1c0c4258"
  },
  {
   "tags": "tags/v5.4.229~45",
   "commit": "c6d29a5ffdbc362314853462a0e24e63330a654d"
  },
  {
   "tags": "tags/v5.15.88~4",
   "commit": "dadd0dcaa67d27f550131de95c8e182643d2c9d6"
  },
  {
   "tags": "tags/v5.10.163~4",
   "commit": "f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0"
  }
 ],
 "the commit fixes a bug introduced by": [
  {
   "fixes": "734942cc4ea6 (\"tcp: ULP infrastructure\")"
  }
 ],
 "the buggy commit landed on upstream on": [
  {
   "tags": "tags/v4.13-rc1~157^2~184^2~3",
   "commit": "734942cc4ea6478eed125af258da1bdbb4afe578"
  }
 ],
 "the buggy commit was backported to": [],
 "the commit introduced a bug fixed by": [
  {
   "tags": "tags/v5.15.90~10",
   "commit": "1aab00aa41926421369d32dd05c943e38d881c82"
  },
  {
   "tags": "tags/v6.2-rc5~24^2~7",
   "commit": "8ccc99362b60c6f27bb46f36fdaaccf4ef0303de"
  },
  {
   "tags": "tags/v6.1.8~6",
   "commit": "ddb98087bd2aed12cbe867332c68473fc4d48855"
  },
  {
   "tags": "tags/v5.10.165~12",
   "commit": "f6c201b4382d1536f44b922b8f16dcb4772cc82c"
  }
 ],
 "syzkaller reference for the commit and the fix commit": [],
 "cve identifier for the commit and the fix commit": [
  {
   "cve": "CVE-2023-0461"
  }
 ]
}


	{
	"commit": "2c02d41d71f90a5168391b6a5f2954112ba2307c",
	"details": [
	"net/ulp: prevent ULP without clone op from entering the LISTEN status",
	"",
	"When an ULP-enabled socket enters the LISTEN status, the listener ULP data",
	"pointer is copied inside the child/accepted sockets by sk_clone_lock().",
	"",
	"The relevant ULP can take care of de-duplicating the context pointer via",
	"the clone() operation, but only MPTCP and SMC implement such op.",
	"",
	"Other ULPs may end-up with a double-free at socket disposal time.",
	"",
	"We can't simply clear the ULP data at clone time, as TLS replaces the",
	"socket ops with custom ones assuming a valid TLS ULP context is",
	"available.",
	"",
	"Instead completely prevent clone-less ULP sockets from entering the",
	"LISTEN status.",
	"",
	"Fixes: 734942cc4ea6 (\"tcp: ULP infrastructure\")",
	"Reported-by: slipper <slipper.alive@gmail.com>",
	"Signed-off-by: Paolo Abeni <pabeni@redhat.com>",
	"Link: https://lore.kernel.org/r/4b80c3d1dbe3d0ab072f80450c202d9bc88b4b03.1672740602.git.pabeni@redhat.com",
	"Signed-off-by: Jakub Kicinski <kuba@kernel.org>"
	],
	"the commit landed on upstream on": [
	{
	"tags": "tags/v6.2-rc3~23^2~2"
	}
	],
	"the commit is a backport of": [],
	"the commit was backported to": [
	{
	"tags": "tags/v4.19.270~42",
	"commit": "755193f2523ce5157c2f844a4b6d16b95593f830"
	},
	{
	"tags": "tags/v6.1.5~56",
	"commit": "7d242f4a0c8319821548c7176c09a6e0e71f223c"
	},
	{
	"tags": "tags/v4.14.303~11",
	"commit": "b689125d04949841337dfa730d48dd91ada9ce3a"
	},
	{
	"tags": "tags/v6.0.19~50",
	"commit": "c1b5dee463cc1e89cfa655d6beff81ec1c0c4258"
	},
	{
	"tags": "tags/v5.4.229~45",
	"commit": "c6d29a5ffdbc362314853462a0e24e63330a654d"
	},
	{
	"tags": "tags/v5.15.88~4",
	"commit": "dadd0dcaa67d27f550131de95c8e182643d2c9d6"
	},
	{
	"tags": "tags/v5.10.163~4",
	"commit": "f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0"
	}
	],
	"the commit fixes a bug introduced by": [
	{
	"fixes": "734942cc4ea6 (\"tcp: ULP infrastructure\")"
	}
	],
	"the buggy commit landed on upstream on": [
	{
	"tags": "tags/v4.13-rc1~157^2~184^2~3",
	"commit": "734942cc4ea6478eed125af258da1bdbb4afe578"
	}
	],
	"the buggy commit was backported to": [],
	"the commit introduced a bug fixed by": [
	{
	"tags": "tags/v5.15.90~10",
	"commit": "1aab00aa41926421369d32dd05c943e38d881c82"
	},
	{
	"tags": "tags/v6.2-rc5~24^2~7",
	"commit": "8ccc99362b60c6f27bb46f36fdaaccf4ef0303de"
	},
	{
	"tags": "tags/v6.1.8~6",
	"commit": "ddb98087bd2aed12cbe867332c68473fc4d48855"
	},
	{
	"tags": "tags/v5.10.165~12",
	"commit": "f6c201b4382d1536f44b922b8f16dcb4772cc82c"
	}
	],
	"syzkaller reference for the commit and the fix commit": [],
	"cve identifier for the commit and the fix commit": [
	{
	"cve": "CVE-2023-0461"
	}
	]
	}