Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service (DoS) attacks via a packet with a gso_size larger than ~9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card.

References:
https://patchwork.ozlabs.org/patch/859410/
https://marc.info/?t=151606867000005&r=1&w=2
http://lists.openwall.net/netdev/2018/01/16/40
http://lists.openwall.net/netdev/2018/01/18/96

Upstream commits:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8914a595110a6eca69a5e275b323f5d09e18f4f9
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2b16f048729bf35e6c28a40cbfad07239f9dcd90

Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1546744]
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as supported configurations are not affected. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.
kernel-4.15.4-200.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7
Via RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7
Via RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7
Via RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948