APPLIED[F][B/HWE]: [SRU Focal,Focal/oem-5.6,Groovy] CVE-2020-14386

Kelsey Skunberg kelsey.skunberg at canonical.com
Thu Sep 17 20:47:28 UTC 2020


This has already been applied to Focal/master-next and Bionic/hwe as
requested in the replies. Thank you! 

-Kelsey

On 2020-09-04 15:31:35 , Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged user can crash the system using user namespaces and packet
> sockets.
> 
> [Test case] A PoC that crashes the system has been available at [1]. It has
> been used to test this, after changing 'ifconfig lo up', to 'ip link set lo up'.
> 
> [1] https://www.openwall.com/lists/oss-security/2020/09/03/3
> 
> [Potential regression]
> AF_PACKET could be broken by this.
> 
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team



More information about the kernel-team mailing list