APPLIED: [SRU OEM-5.10/HWE-5.11/Impish/OEM-5.14/Jammy 0/3] CVE-2022-23222
Stefan Bader
stefan.bader at canonical.com
Tue Feb 1 11:02:50 UTC 2022
On 28.01.22 19:00, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged user with bpf access may trigger an out-of-bounds access.
>
> [Backport]
> As this was fixed by a larger patchset on mainline, a different fix was
> applied to older kernels.
>
> Then, there is a hardening fix and an additional test to cover this case.
>
> The first patch was already applied on OEM-5.14 and Jammy.
>
> [Test case]
> The additional verifier test was tested, as was another test program.
>
> [Potential regression]
> BPF users would be affected and BPF tests may start to fail.
>
> Daniel Borkmann (3):
> bpf: Fix out of bounds access from invalid *_or_null type verification
> bpf: Don't promote bogus looking registers after null check.
> bpf, selftests: Add verifier test for mem_or_null register with
> offset.
>
> kernel/bpf/verifier.c | 18 ++++++------
> .../selftests/bpf/verifier/spill_fill.c | 28 +++++++++++++++++++
> 2 files changed, 37 insertions(+), 9 deletions(-)
>
Applied to focal:linux-hwe-5.11/hwe-5.11-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220201/7d845fef/attachment-0001.sig>
More information about the kernel-team
mailing list