In the Linux kernel, the following vulnerability has been resolved:
net: remove two BUG() from skbchecksumhelp()
I have a syzbot report that managed to get a crash in skbchecksumhelp()
If syzbot can trigger these BUG(), it makes sense to replace them with more friendly WARNONONCE() since skbchecksumhelp() can instead return an error code.
Note that syzbot will still crash there, until real bug is fixed.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "41159753083951778069008601393766972736", "7986188041957508101142727282666134395", "196055887671863061514685873482431775314", "93387695506010161280881796108060064823", "32833582464662269780474842510422846258", "179866616175288807557875608522406571889", "288450936292723200202215088031477868361" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5281245f3502e960cb6b89348767b935379cee3", "signature_type": "Line", "target": { "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-06bd6aa8" }, { "digest": { "length": 759.0, "function_hash": "158784420186675277027132216529335296456" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@312c43e98ed190bd8fd7a71a0addf9539d5b8ab1", "signature_type": "Function", "target": { "function": "skb_checksum_help", "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-0e89804b" }, { "digest": { "length": 747.0, "function_hash": "296741576773916466010844839982496357034" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7ea0d9df2a6265b2b180d17ebc64b38105968fc", "signature_type": "Function", "target": { "function": "skb_checksum_help", "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-161589a7" }, { "digest": { "length": 747.0, "function_hash": "296741576773916466010844839982496357034" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6320ae1b5876c30bf98203b6a5abe8b5c45e6a04", "signature_type": "Function", "target": { "function": "skb_checksum_help", "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-485cd742" }, { "digest": { "line_hashes": [ "41159753083951778069008601393766972736", "7986188041957508101142727282666134395", "196055887671863061514685873482431775314", "93387695506010161280881796108060064823", "32833582464662269780474842510422846258", "179866616175288807557875608522406571889", "288450936292723200202215088031477868361" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6320ae1b5876c30bf98203b6a5abe8b5c45e6a04", "signature_type": "Line", "target": { "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-5c308d05" }, { "digest": { "length": 747.0, "function_hash": "296741576773916466010844839982496357034" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5281245f3502e960cb6b89348767b935379cee3", "signature_type": "Function", "target": { "function": "skb_checksum_help", "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-adeb8b48" }, { "digest": { "length": 747.0, "function_hash": "296741576773916466010844839982496357034" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1320c9a4d30ff54b824a8ad6036e0b5fb4c5e73", "signature_type": "Function", "target": { "function": "skb_checksum_help", "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-d214466d" }, { "digest": { "line_hashes": [ "41159753083951778069008601393766972736", "7986188041957508101142727282666134395", "196055887671863061514685873482431775314", "93387695506010161280881796108060064823", "32833582464662269780474842510422846258", "179866616175288807557875608522406571889", "288450936292723200202215088031477868361" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@312c43e98ed190bd8fd7a71a0addf9539d5b8ab1", "signature_type": "Line", "target": { "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-e91a19ac" }, { "digest": { "line_hashes": [ "41159753083951778069008601393766972736", "7986188041957508101142727282666134395", "196055887671863061514685873482431775314", "93387695506010161280881796108060064823", "32833582464662269780474842510422846258", "179866616175288807557875608522406571889", "288450936292723200202215088031477868361" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7ea0d9df2a6265b2b180d17ebc64b38105968fc", "signature_type": "Line", "target": { "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-f9e55436" }, { "digest": { "line_hashes": [ "41159753083951778069008601393766972736", "7986188041957508101142727282666134395", "196055887671863061514685873482431775314", "93387695506010161280881796108060064823", "32833582464662269780474842510422846258", "179866616175288807557875608522406571889", "288450936292723200202215088031477868361" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1320c9a4d30ff54b824a8ad6036e0b5fb4c5e73", "signature_type": "Line", "target": { "file": "net/core/dev.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49497-fdda31a1" } ] }