[SRU focal/linux-oem-5.10 0/1] CVE-2021-26708
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Mon Mar 1 14:36:43 UTC 2021
[Impact]
vsock multi-transport race leads to UAF, which may allow privilege
escalation.
[Fix]
Clean cherry-pick of upstream c518adafa39f.
[Test case]
Ran a reproducer, gets a WARNING when unpatched, no WARNING when patched.
[Potential regression]
AF_VSOCK use might break.
Alexander Popov (1):
vsock: fix the race conditions in multi-transport support
net/vmw_vsock/af_vsock.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
--
2.27.0