[SRU Bionic 0/2] CVE-2018-25020 // LP: #1953287
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Dec 8 14:27:09 UTC 2021
BugLink: https://bugs.launchpad.net/bugs/1953287
[Impact]
A CBPF program jumping over a large number of instructions may lead to kernel
code execution.
The test might fail with EINVAL or EOPNOTSUPP, which must be accounted for on
different kernel versions.
[Test case]
Load test_bpf module.
Userspace program that causes crash.
[Potential regression]
Some CBPF and EBPF programs might not load.
Daniel Borkmann (1):
bpf: fix truncated jump targets on heavy expansions
Thadeu Lima de Souza Cascardo (1):
UBUNTU: SAUCE: Revert "bpf: add also cbpf long jump test cases with
heavy expansion"
kernel/bpf/core.c | 63 ++++++++++++++++++++++++++++++++++++++++-------
lib/test_bpf.c | 63 -----------------------------------------------
net/core/filter.c | 11 +++++++--
3 files changed, 63 insertions(+), 74 deletions(-)
--
2.32.0
More information about the kernel-team
mailing list