NACK[unstable]: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
Andrea Righi
andrea.righi at canonical.com
Tue Dec 13 20:13:35 UTC 2022
- Previous message (by thread): ACK: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
- Next message (by thread): APPLIED [OEM-5.14/OEM-5.17/OEM-6.0] Re: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
On Mon, Dec 12, 2022 at 06:05:45PM -0300, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged user could cause stack overflow when writing too many
> whitespaces on a sysctl file. Using user/network namespaces make it possible
> for unprivileged users.
>
> [Testing]
> A simple script was used to test it. The fix worked on the tested 5.14, 5.15,
> 5.19 and 6.1 kernels.
>
> [Potential regression]
> Writing to sysctl files may fail or parse incorrectly.
lunar:linux-unstable is frozen now, development has moved to lunar:linux
that already has these patches applied, so we should be fine.
-Andrea
- Previous message (by thread): ACK: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
- Next message (by thread): APPLIED [OEM-5.14/OEM-5.17/OEM-6.0] Re: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the kernel-team
mailing list