[SRU][Bionic][Cosmic][PATCH 0/1] Fix for CVE-2018-15471

Kleber Sacilotto de Souza kleber.souza at canonical.com
Fri Oct 19 09:46:03 UTC 2018


  An issue was discovered in xenvif_set_hash_mapping in
  drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used
  in Xen through 4.11.x and other products. The Linux netback driver allows
  frontends to control mapping of requests to request queues. When processing
  a request to set or change this mapping, some input validation (e.g., for
  an integer overflow) was missing or flawed, leading to OOB access in hash
  handling. A malicious or buggy frontend may cause the (usually privileged)
  backend to make out of bounds memory accesses, potentially resulting in one
  or more of privilege escalation, Denial of Service (DoS), or information

Clean cherry-pick for Bionic and Cosmic. The patch was CC'ed to @stable
and applied on v4.18.14 but I'm sending to Cosmic as well in case we
don't catch up with upstream stable before its first SRU.

Jan Beulich (1):
  xen-netback: fix input validation in xenvif_set_hash_mapping()

 drivers/net/xen-netback/hash.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)


More information about the kernel-team mailing list