Contributed by tj on from the anti-ipv6-squad dept.
Quoting the patch:
Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.
Users that don't use IPv6 are not affected by this issue. Users who are using IPv6 should apply the patch, rebuild their kernel and reboot.
Though not officially released, unrelated an errata patch was issued for 5.9 on the same day:
Incorrect path processing in pledge_namei() could result in unexpected program termination of pledged programs.
Just as a heads up, you'll want to apply this one after installing 5.9 when it hits. Seasoned users know it's always good to check the errata page after doing an install.
Head over to the 5.7 errata or 5.8 errata pages to make sure you're all up to date.
(Comments are closed)