CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing

[P J P <ppandit () redhat com>]

   Hello,

Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual 
eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet 
Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could 
occur while receiving large packets via GRO path; As an unlimited recursion 
could unfold in both VLAN and TEB modules, leading to a stack corruption in 
the kernel.

A remote user could use this flaw to cause kernel panic by sending malicious 
packets to a server that has GRO enabled.

Please see a proposed patch to fix this issue attached herein.

'CVE-2016-7039' has been assigned to this issue by Red Hat Inc.

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1375944

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Attachment: upstream-0001-net-add-recursion-limit-to-GRO.patch
Description: