[PATCH 0/1 v3][focal:linux-oem-5.6, focal:linux-oem-5.10, groovy:linux] CVE-2021-29646: tipc data size check
Tim Gardner
tim.gardner at canonical.com
Thu Apr 8 21:01:50 UTC 2021
v2 - Include groovy:linux
v3 - include CVE-2021-29646 in patch
This patch is already in Hirsute:linux
Introduced by e1f32190cf7ddd55778b460e7d44af3f76529698 v5.5
Fixed by 0217ed2848e8538bcf9172d97ed2eeb4a26041bb v5.12
[SRU Justification]
An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key
in net/tipc/node.c does not properly validate certain data sizes, aka
CID-0217ed2848e8.
[Test Plan]
None. Caught by Syzbot fuzzing.
[Where problems could occur]
User input could be erroneously rejected.
[Other Info]
Released in stable kernels:
linux-5.10.y
linux-5.11.y
More information about the kernel-team
mailing list