[SRU][Bionic][PATCH 0/1] Fix for CVE-2021-43975
Bartlomiej Zolnierkiewicz
bartlomiej.zolnierkiewicz at canonical.com
Fri Feb 18 17:50:22 UTC 2022
[Impact]
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in
drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an
attacker (who can introduce a crafted device) to trigger an out-of-bounds
write via a crafted length value.
[Fix]
b922f622592a ("atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait")
The fix was cherry picked clean and builds fine.
[Potential regression]
This change is limited to the aquantia ethernet device driver and is already
present in Focal/Impish/Jammy kernels.
Zekun Shen (1):
atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
.../ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c | 10 ++++++++++
1 file changed, 10 insertions(+)
--
2.25.1
More information about the kernel-team
mailing list