SRU: Fix for TCP stack bugs related to F-RTO
On Tue, 2010-06-08 at 16:05 +0200, Stefan Bader wrote:
> SRU justification:
> Impact: Several flaws in the F-RTO (forward retransmission timeout)
> implementation in 2.6.24 which causes packets under certain circumstances
> to get silently dropped while the client will accept longer and longer
> re-transmit timeouts.
> This can lead to resource exhaustion and thus to DOS vulnerability.
> There is no CVE assigned to this issue and the class of change should likely
> be done using the retention period in proposed. So this is submitted as a
> normal proposed update.
> Fix: This set of three patches which has been picked from 2.6.25.y has been
> verified to cure the problem. Tester reported successful avoidance of the
> problem with a test kernel provided and has seen no regressions.
> Testcase: Unfortunately this seems to be observed only in a certain
> environment and with certain steps which are not public.
Agreed that letting it bake in proposed is a good idea.
kernel-team mailing list