[LTP] [PATCH v4 0/4] Test for CVE 2023-31248

Martin Doucha mdoucha@suse.cz
Tue Nov 21 16:42:22 CET 2023


Add test for CVE 2023-31248. Support for older kernels requires some
changes in tst_netlink_check_acks() and a new LAPI header.

Changes tested on kernels 4.4, 4.12 and 5.14.

Martin Doucha (4):
  tst_netlink: Add helper functions for handling generic attributes
  tst_netlink_check_acks(): Stop on first error regardless of ACK
    request
  Add lapi/nf_tables.h
  Add test for CVE 2023-31248

 configure.ac                          |   1 +
 doc/C-Test-Network-API.asciidoc       |  66 +++++---
 include/lapi/nf_tables.h              |  19 +++
 include/tst_netdevice.h               |   6 +-
 include/tst_netlink.h                 |  38 ++++-
 lib/tst_netdevice.c                   |  20 +--
 lib/tst_netlink.c                     |  97 +++++++++++-
 runtest/cve                           |   1 +
 testcases/cve/tcindex01.c             |  12 +-
 testcases/network/iptables/.gitignore |   1 +
 testcases/network/iptables/Makefile   |   2 +-
 testcases/network/iptables/nft02.c    | 216 ++++++++++++++++++++++++++
 12 files changed, 423 insertions(+), 56 deletions(-)
 create mode 100644 include/lapi/nf_tables.h
 create mode 100644 testcases/network/iptables/.gitignore
 create mode 100644 testcases/network/iptables/nft02.c

-- 
2.42.1



More information about the ltp mailing list