Bug 763546

Summary:	system panic on 5.4 relase since commit d18d22ce8f62839365c984b1df474d3975ed4eb2
Product:	Gentoo Security	Reporter:	Zhixu Liu <zhixu.liu>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	critical
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://bugzilla.kernel.org/show_bug.cgi?id=209823
Whiteboard:
Package list:		Runtime testing required:	---

Description Zhixu Liu 2021-01-04 16:47:56 UTC

https://bugzilla.kernel.org/show_bug.cgi?id=209823

one single iptables string match rule can panic kernel 5.4 since commit d18d22ce8f62839365c984b1df474d3975ed4eb2. Bug the bug affect both 4.19 & 5.4. This has been fixed in 4.19.162 & 5.4.81, see commit https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.4.y&id=6ec51459df7117dbe9b1fef2174951f80877a850

so it's necessary to stable kernel after 4.19.162 & 5.4.81 if possible.

Reproducible: Always

Comment 1 NATTkA bot gentoo-dev

2021-07-29 17:24:46 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 2 NATTkA bot gentoo-dev

2021-07-29 17:33:17 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 3 NATTkA bot gentoo-dev

2021-07-29 17:41:08 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 4 NATTkA bot gentoo-dev

2021-07-29 17:49:18 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 5 NATTkA bot gentoo-dev

2021-07-29 18:05:13 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 6 NATTkA bot gentoo-dev

2021-07-29 18:13:32 UTC

Package list is empty or all packages have requested keywords.

Comment 7 John Helmert III archtester

2022-03-26 01:23:17 UTC

Patch in 4.19.161, 5.4.81