Linux Kernel GSO Segmentation Vulnerability in Fraglist GRO Forwarding

A vulnerability in the Linux kernel's handling of Generic Segmentation Offload (GSO) for fraglist packets has been addressed. This issue, present in the stable Linux kernel, arose when forwarding GSO packets that had been converted by the XLAT protocol translation, leading to low throughput when accessing IPv4 servers via hotspots with an IPv6-only upstream. The root of the problem was that XLAT only translated the header of the primary socket buffer, leaving fragments in the fraglist untranslated. This inconsistency caused protocol errors and reduced performance. The vulnerability has been fixed by ensuring that GSO packets are properly marked as potentially modified after translation, allowing the segmentation process to safely handle fraglist packets and thereby improving throughput.

Impact

The vulnerability could lead to degraded network performance and throughput issues when forwarding GSO packets over IPv4 via an IPv6-only upstream interface.

Reproduction

The vulnerability can be reproduced by accessing IPv4 servers through a hotspot with an IPv6-only upstream, which will trigger the low throughput issue due to the improper handling of GSO fraglist packets.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.