APPLIED[f/oem-5.6]: [SRU Focal,Focal/oem-5.6,Groovy] CVE-2020-14386
Kleber Souza
kleber.souza at canonical.com
Sun Sep 6 10:58:04 UTC 2020
On 04.09.20 20:31, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged user can crash the system using user namespaces and packet
> sockets.
>
> [Test case] A PoC that crashes the system has been available at [1]. It has
> been used to test this, after changing 'ifconfig lo up', to 'ip link set lo up'.
>
> [1] https://www.openwall.com/lists/oss-security/2020/09/03/3
>
> [Potential regression]
> AF_PACKET could be broken by this.
>
>
>
Applied to focal/linux-oem-5.6.
Thanks,
Kleber
More information about the kernel-team
mailing list