[SRU OEM-5.10/HWE-5.11/Impish/OEM-5.14/Jammy 0/3] CVE-2022-23222

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Fri Jan 28 18:00:00 UTC 2022


[Impact]
Unprivileged user with bpf access may trigger an out-of-bounds access.

[Backport]
As this was fixed by a larger patchset on mainline, a different fix was
applied to older kernels.

Then, there is a hardening fix and an additional test to cover this case.

The first patch was already applied on OEM-5.14 and Jammy.

[Test case]
The additional verifier test was tested, as was another test program.

[Potential regression]
BPF users would be affected and BPF tests may start to fail.

Daniel Borkmann (3):
  bpf: Fix out of bounds access from invalid *_or_null type verification
  bpf: Don't promote bogus looking registers after null check.
  bpf, selftests: Add verifier test for mem_or_null register with
    offset.

 kernel/bpf/verifier.c                         | 18 ++++++------
 .../selftests/bpf/verifier/spill_fill.c       | 28 +++++++++++++++++++
 2 files changed, 37 insertions(+), 9 deletions(-)

-- 
2.32.0



