[SRU][Impish][PATCH 0/1] CVE-2022-28356

Cengiz Can cengiz.can at canonical.com
Sun Jun 12 23:49:54 UTC 2022


[Impact]
In the Linux kernel before 5.17.1, a refcount leak bug was found in 
net/llc/af_llc.c.

[Fix]
Upstream fix for this uses a function introduced with 5.17-rc1,
`dev_put_track`.
(commit 4d92b95ff2f9 "net: add net device refcount tracker
infrastructure").

There's a stable backport of this fix that doesn't require net device
refcount tracker functionality.

So, this was cherry-picked from the fix on linux-5.10-y.

[Test case]
Author publicly shared a PoC which renders the targeted network 
interface non-removable. This prevents the instance from rebooting
properly. (Not the actual exploit but an enabler to it).

Verified that impish and xenial are both vulnerable to this, compiled
and booted both of them with this patch and made sure that PoC is no
longer causing any lockups.

[Potential regression]
Logical Link Control interface is pretty critical. But the changes are
minuscule and probably won't cause any regressions.

Eric Dumazet (1):
  llc: fix netdevice reference leaks in llc_ui_bind()

 net/llc/af_llc.c | 8 ++++++++
 1 file changed, 8 insertions(+)

-- 
2.34.1



