Home | Devuan | Git | Forum | Packages | Popcon
Donate now!
Download

Devuan bug report logs - #430
ax.25 on kernels above 4.1

Package: linux-image; Maintainer for linux-image is (unknown);

Reported by: n1uro@n1uro.ampr.org

Date: Sat, 25 Apr 2020 16:03:02 UTC

Severity: normal

Tags: debian

Full log

Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):

Received: (at submit) by bugs.devuan.org; 25 Apr 2020 16:00:02 +0000
Return-Path: <n1uro@n1uro.ampr.org>
Delivered-To: devuanbugs@dyne.org
Received: from tupac3.dyne.org [195.169.149.119]
	by doc.devuan.org with IMAP (fetchmail-6.4.0.beta4)
	for <debbugs@localhost> (single-drop); Sat, 25 Apr 2020 16:00:02 +0000 (UTC)
Received: from n1uro.ampr.org (n1uro.ampr.org [44.88.0.9])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by vm6.ganeti.dyne.org (Postfix) with ESMTPS id 83D26F60BEB
	for <submit@bugs.devuan.org>; Sat, 25 Apr 2020 17:52:22 +0200 (CEST)
Received: from n1uro.ampr.org (n1uro [44.88.0.9])
	by n1uro.ampr.org (Postfix) with ESMTP id 13D4425FD8
	for <submit@bugs.devuan.org>; Sat, 25 Apr 2020 11:52:19 -0400 (EDT)
Received: from [44.88.0.6] (portland.n1uro.ampr.org [44.88.0.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by n1uro.ampr.org (Postfix) with ESMTPS id CE34725EB6
	for <submit@bugs.devuan.org>; Sat, 25 Apr 2020 11:52:18 -0400 (EDT)
Message-ID: <1587829938.5468.38.camel@Asus>
Subject: ax.25 on kernels above 4.1
From: Brian <n1uro@n1uro.ampr.org>
Reply-To: n1uro@n1uro.ampr.org
To: submit@bugs.devuan.org
Date: Sat, 25 Apr 2020 11:52:18 -0400
Organization: Amateur Radio Services
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.4.4-3 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-AV-Checked: ClamAV using ClamSMTP
X-Spam-Status: No, score=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,
	SPF_HELO_PASS,SPF_PASS autolearn=disabled version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tupac3.dyne.org

Package: linux-image
Version: all above 4.1

There's a critical bug in the ax.25 module that popped up beginning with
kernel version 4.2 where if a user connected to a site using NetRom, the
underlaying ax.25 virtual circuit fails to close thus leaving a zombie
socket open and available for possible attack. This has been a known
issue on the URONode email list for quite some time, and I'm the
developer of the uronode package in your repositories.  

A fix was supplied by Marius YO2LOJ on the list:

---
Let me explain the patch so maybe you can do it yourself, since the
code 
will probably not work on a 5.x kernel...

The target function is ax25_disconnect(ax25_cb *ax25, int reason).

The function is in the file ax25_subr.c in the 4.9 version.

the last part is an:

if (ax25->sk != NULL) {

(...the ax25 socket is closed here...)

}

This if catches only full ax25 connections, not the ones associated with 
netrom connections.

So for netrom connections, we also need a socket deletion, so add to 
this if the following else:

else {

ax25_destroy_socket(ax25);

}

Maybe this helps get you going...

Marius, YO2LOJ
---

A weblink to his mail:
https://n1uro.ampr.org/cgi-bin/mailman/private/uronode/2019-September/001284.html
however it's only available to subscribers.

-- 
If Confucius were alive today:
"A computing device left in the OFF power state never crashes" 
-----
73 de Brian N1URO
IPv6 Certified
SMTP: n1uro-at-n1uro.ampr.org

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Fri Apr 26 23:14:48 2024;