[SRU][Impish][PATCH 0/1] CVE-2022-28356
cengiz.can at canonical.com
Sun Jun 12 23:49:54 UTC 2022
In the Linux kernel before 5.17.1, a refcount leak bug was found in
Upstream fix for this uses a function introduced with 5.17-rc1
(commit 4d92b95ff2f9 "net: add net device refcount tracker
There's a stable backport of this fix that doesn't require net device
refcount tracker functionality.
So, this was cherry-picked from the fix on linux-5.10-y.
Author publicly shared a PoC which renders the targeted network
interface non-removable. This prevents the instance from rebooting
properly. (Not the actual exploit but an enabler to it).
Verified that impish and xenial are both vulnerable to this, compiled
and booted both of them with this patch and made sure that PoC is no
longer causing any lockups.
Logical Link Control interface is pretty critical. But the changes are
miniscule and probably won't cause any regressions.
Eric Dumazet (1):
llc: fix netdevice reference leaks in llc_ui_bind()
net/llc/af_llc.c | 8 ++++++++
1 file changed, 8 insertions(+)
More information about the kernel-team