APPLIED: [SRU focal/linux-oem-5.10 0/1] CVE-2021-26708
Stefan Bader
stefan.bader at canonical.com
Wed Mar 3 09:05:39 UTC 2021
On 01.03.21 15:36, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> vsock multi transport race leads to UAF, which may allow in privilege
> escalation.
>
> [Fix]
> Clean cherry-pick of upstream c518adafa39f.
>
> [Test case]
> Ran a reproducer, gets a WARNING when unpatched, no WARNING when patched.
>
> [Potential regression]
> AF_VSOCK use might break.
>
> Alexander Popov (1):
> vsock: fix the race conditions in multi-transport support
>
> net/vmw_vsock/af_vsock.c | 17 ++++++++++++-----
> 1 file changed, 12 insertions(+), 5 deletions(-)
>
Applied to Ubuntu-oem-5.10-5.10.0-1016.17. This was done as a previous cycle
respin already and is pending release.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20210303/cc1e246f/attachment.sig>
More information about the kernel-team
mailing list