ACK/Cmnt +b/hwe(5.3): [SRU Focal, Focal/oem-5.6, Groovy] CVE-2020-14386

Marcelo Henrique Cerri marcelo.cerri at canonical.com
Fri Sep 4 18:47:45 UTC 2020


It looks good to me and with positive test results.

The only comment is that the same fix for 5.4 should also be applied
to 5.3 (bionic:linux-hwe).

Acked-by: Marcelo Henrique Cerri <marcelo.cerri at canonical.com>

On Fri, Sep 04, 2020 at 03:31:35PM -0300, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged user can crash the system using user namespaces and packet
> sockets.
> 
> [Test case]
> A PoC that crashes the system has been available at [1]. It has
> been used to test this, after changing 'ifconfig lo up' to 'ip link set lo up'.
> 
> [1] https://www.openwall.com/lists/oss-security/2020/09/03/3
> 
> [Potential regression]
> AF_PACKET could be broken by this.
> 

-- 
Regards,
Marcelo
