APPLIED: [SRU][Bionic][Cosmic][PATCH 0/1] Fix for CVE-2018-15471
Khaled Elmously
khalid.elmously at canonical.com
Mon Oct 22 07:16:54 UTC 2018
On 2018-10-19 11:46:03 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15471.html
>
> An issue was discovered in xenvif_set_hash_mapping in
> drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used
> in Xen through 4.11.x and other products. The Linux netback driver allows
> frontends to control mapping of requests to request queues. When processing
> a request to set or change this mapping, some input validation (e.g., for
> an integer overflow) was missing or flawed, leading to OOB access in hash
> handling. A malicious or buggy frontend may cause the (usually privileged)
> backend to make out of bounds memory accesses, potentially resulting in one
> or more of privilege escalation, Denial of Service (DoS), or information
> leaks.
>
> Clean cherry-pick for Bionic and Cosmic. The patch was CC'ed to @stable
> and applied on v4.18.14 but I'm sending to Cosmic as well in case we
> don't catch up with upstream stable before its first SRU.
>
> Jan Beulich (1):
> xen-netback: fix input validation in xenvif_set_hash_mapping()
>
> drivers/net/xen-netback/hash.c | 12 +++++++-----
> 1 file changed, 7 insertions(+), 5 deletions(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list