* pgowda cve:
> (cherry picked from commit 5bf07e1b3a74232bfb8332275110be1a5da50f83)
>
> Please find attached the backported patch for glibc versions 2.33 and 2.34.
> Please let me know if it's okay.
I think we would have to backport all these commits:
commit 3d981795cd00cc9b73c3ee5087c308361acd62e5
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Nov 22 14:41:14 2021 +0100
socket: Do not use AF_NETLINK in __opensock
It is not possible to use interface ioctls with netlink sockets
on all Linux kernels.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
commit 1d3decee997ba2fc24af81803299b2f4f3c47063
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Mon Oct 18 01:39:02 2021 +0200
hurd if_index: Explicitly use AF_INET for if index discovery
5bf07e1b3a74 ("Linux: Simplify __opensock and fix race condition [BZ #28353]")
made __opensock try NETLINK then UNIX then INET. On the Hurd, only INET
knows about network interfaces, so better actually specify that in
if_index.
commit 5bf07e1b3a74232bfb8332275110be1a5da50f83
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Sep 28 18:55:49 2021 +0200
Linux: Simplify __opensock and fix race condition [BZ #28353]
AF_NETLINK support is not quite optional on modern Linux systems
anymore, so it is likely that the first attempt will always succeed.
Consequently, there is no need to cache the result. Keep AF_UNIX
and the Internet address families as a fallback, for the rare case
that AF_NETLINK is missing. The other address families previously
probed are totally obsolete be now, so remove them.
Use this simplified version as the generic implementation, disabling
Netlink support as needed.
I can do that, no need to send patches.
Thanks,
Florian