A flaw in the Linux Kernel found in the Open vSwitch Kernel module. The Netlink copy code in the ovs kernel module attempts to make an in-kernel copy of the actions required. That means that when recursive operations, like sample(), clone(), dec_ttl(), etc include additional actions, the code pushes a new stack frame and recursively calls into the code block. Unfortunately, OVS module doesn't validate the stack depth, and will push too many frames causing a stack overflow which can lead to crash. Reference: https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2263738]
Is the "Fixed In Version" metadata really correct? The submitted change does not seem to have hit Linux tree yet and not in 6.8-rc4.
(In reply to Salvatore Bonaccorso from comment #10) > Is the "Fixed In Version" metadata really correct? The submitted change does > not seem to have hit Linux tree yet and not in 6.8-rc4. Looks like it did not make rc4, it is still in linux-next. Hopefully rc5?
In reply to comment #12: > (In reply to Salvatore Bonaccorso from comment #10) > > Is the "Fixed In Version" metadata really correct? The submitted change does > > not seem to have hit Linux tree yet and not in 6.8-rc4. > > Looks like it did not make rc4, it is still in linux-next. Hopefully rc5? Updated to kernel 6.8-rc5. Still need to check later if going to be included to rc5.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:4823 https://access.redhat.com/errata/RHSA-2024:4823
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:4831 https://access.redhat.com/errata/RHSA-2024:4831
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315