Instituto Nacional de Ciberseguridad (INCIBE). INCIBE-CERT section

CVE-2023-53843

Severity: Pending analysis
Type: Not available / Other type
Publication date: 09/12/2025
Last modified: 09/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: reject negative ifindex

Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs
in an xarray")) refactored the handling of pre-assigned ifindexes
and let syzbot surface a latent problem in ovs. ovs does not validate
ifindex, making it possible to create netdev ports with negative
ifindex values. It's easy to repro with YNL:

$ ./cli.py --spec netlink/specs/ovs_datapath.yaml \
    --do new \
    --json '{"upcall-pid": 1, "name":"my-dp"}'
$ ./cli.py --spec netlink/specs/ovs_vport.yaml \
    --do new \
    --json '{"upcall-pid": "00000001", "name": "some-port0", "dp-ifindex":3,"ifindex":4294901760,"type":2}'

$ ip link show
-65536: some-port0: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 7a:48:21:ad:0b:fb brd ff:ff:ff:ff:ff:ff
...

Validate the inputs. Now the second command correctly returns:

$ ./cli.py --spec netlink/specs/ovs_vport.yaml \
    --do new \
    --json '{"upcall-pid": "00000001", "name": "some-port0", "dp-ifindex":3,"ifindex":4294901760,"type":2}'

lib.ynl.NlError: Netlink error: Numerical result out of range
nl_len = 108 (92) nl_flags = 0x300 nl_type = 2
    error: -34 extack: {'msg': 'integer out of range', 'unknown': [[type:4 len:36] b'\x0c\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\x00\x03\x00\xff\xff\xff\x7f\x00\x00\x00\x00\x08\x00\x01\x00\x08\x00\x00\x00'], 'bad-attr': '.ifindex'}

Accept 0 since it used to be silently ignored.
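The bytes that YNL prints as 'unknown' in the extack above are the policy the kernel now advertises for the rejected attribute. The following user-space C sketch is an added example, not kernel code and not part of the advisory: it decodes that blob and applies the same range check to the value from the reproducer. The names `parse_policy`, `wire_to_s32` and `check_ifindex` are hypothetical; it assumes a little-endian host and the attribute ids of `enum netlink_policy_type_attr` in `<linux/netlink.h>`.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* NLMSGERR_ATTR_POLICY payload copied from the extack quoted above (little-endian host). */
static const uint8_t extack_policy[] = {
    0x0c,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0c,0x00,0x03,0x00,
    0xff,0xff,0xff,0x7f,0x00,0x00,0x00,0x00,0x08,0x00,0x01,0x00,0x08,0x00,0x00,0x00 };
/* Attribute ids follow enum netlink_policy_type_attr in <linux/netlink.h>. */
enum { POL_TYPE = 1, POL_MIN_S = 2, POL_MAX_S = 3 };
struct policy { uint32_t type; int64_t min, max; int err; };

/* Walk netlink TLVs: u16 length (header included), u16 type, payload, pad to 4. */
static struct policy parse_policy(const uint8_t *buf, size_t len)
{
    struct policy p = {0};
    uint16_t alen = 0, atype;
    for (size_t off = 0; off + 4 <= len; off += (alen + 3u) & ~3u) {
        memcpy(&alen, buf + off, 2);
        memcpy(&atype, buf + off + 2, 2);
        if (alen < 4 || alen > len - off) { p.err = -EINVAL; return p; }
        if (atype == POL_TYPE && alen == 8)   memcpy(&p.type, buf + off + 4, 4);
        if (atype == POL_MIN_S && alen == 12) memcpy(&p.min, buf + off + 4, 8);
        if (atype == POL_MAX_S && alen == 12) memcpy(&p.max, buf + off + 4, 8);
    }
    return p;
}

/* The attribute travels as u32, but the kernel keeps ifindex in a signed int. */
static int32_t wire_to_s32(uint32_t wire)
{
    int32_t v;
    memcpy(&v, &wire, sizeof(v));
    return v;
}

/* Range check against the parsed policy; -ERANGE is the "error: -34" above. */
static int check_ifindex(uint32_t wire, struct policy p)
{
    int32_t v = wire_to_s32(wire);
    return p.err ? p.err : (v < p.min || v > p.max) ? -ERANGE : 0;
}

int main(void)
{
    struct policy p = parse_policy(extack_policy, sizeof(extack_policy));
    printf("4294901760 -> %d, check = %d\n", wire_to_s32(4294901760u), check_ifindex(4294901760u, p));
    return 0;
}
```

The decoded policy is type 8 (`NL_ATTR_TYPE_S32`) with minimum 0 and maximum 0x7fffffff, which matches the commit's note that 0 stays accepted while negative values are refused.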

Impact