Commit af65ea42bd1d for kernel

commit af65ea42bd1d28d818b74b9b3b4f8da7ada9f88b
Merge: 61ab751451f5 049584807f1d
Author: Jakub Kicinski <kuba@kernel.org>
Date:   Thu Jul 25 08:07:06 2024 -0700

    Merge branch 'tap-tun-harden-by-dropping-short-frame'

    Dongli Zhang says:

    ====================
    tap/tun: harden by dropping short frame

    This is to harden all of tap/tun to avoid any short frame smaller than the
    Ethernet header (ETH_HLEN).

    While the xen-netback already rejects short frame smaller than ETH_HLEN ...

     914 static void xenvif_tx_build_gops(struct xenvif_queue *queue,
     915                                      int budget,
     916                                      unsigned *copy_ops,
     917                                      unsigned *map_ops)
     918 {
    ... ...
    1007                 if (unlikely(txreq.size < ETH_HLEN)) {
    1008                         netdev_dbg(queue->vif->dev,
    1009                                    "Bad packet size: %d\n", txreq.size);
    1010                         xenvif_tx_err(queue, &txreq, extra_count, idx);
    1011                         break;
    1012                 }

    ... the short frame may not be dropped by vhost-net/tap/tun.

    This fixes CVE-2024-41090 and CVE-2024-41091.
    ====================

    Link: https://patch.msgid.link/20240724170452.16837-1-dongli.zhang@oracle.com
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>