ACK: [SRU][Impish][PATCH 0/1] CVE-2022-28356
Stefan Bader
stefan.bader at canonical.com
Wed Jun 15 07:51:02 UTC 2022
On 13.06.22 01:49, Cengiz Can wrote:
> [Impact]
> In the Linux kernel before 5.17.1, a refcount leak bug was found in
> net/llc/af_llc.c.
>
> [Fix]
> Upstream fix for this uses a function introduced with 5.17-rc1
> `dev_put_track`.
> (commit 4d92b95ff2f9 "net: add net device refcount tracker
> infrastructure").
>
> There's a stable backport of this fix that doesn't require net device
> refcount tracker functionality.
>
> So, this was cherry-picked from the fix on linux-5.10-y.
>
> [Test case]
> Author publicly shared a PoC which renders the targeted network
> interface non-removable. This prevents the instance from rebooting
> properly. (Not the actual exploit but an enabler to it).
>
> Verified that impish and xenial are both vulnerable to this, compiled
> and booted both of them with this patch and made sure that PoC is no
> longer causing any lockups.
>
> [Potential regression]
> Logical Link Control interface is pretty critical. But the changes are
> miniscule and probably won't cause any regressions.
>
> Eric Dumazet (1):
> llc: fix netdevice reference leaks in llc_ui_bind()
>
> net/llc/af_llc.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220615/f3b17d54/attachment.sig>
More information about the kernel-team
mailing list