APPLIED: [SRU][Impish][PATCH 0/1] CVE-2022-28356
stefan.bader at canonical.com
Tue Jun 21 15:36:05 UTC 2022
On 13.06.22 01:49, Cengiz Can wrote:
> In the Linux kernel before 5.17.1, a refcount leak bug was found in
> Upstream fix for this uses a function introduced with 5.17-rc1
> (commit 4d92b95ff2f9 "net: add net device refcount tracker
> There's a stable backport of this fix that doesn't require net device
> refcount tracker functionality.
> So, this was cherry-picked from the fix on linux-5.10-y.
> [Test case]
> Author publicly shared a PoC which renders the targeted network
> interface non-removable. This prevents the instance from rebooting
> properly. (Not the actual exploit but an enabler to it).
> Verified that impish and xenial are both vulnerable to this, compiled
> and booted both of them with this patch and made sure that PoC is no
> longer causing any lockups.
> [Potential regression]
> Logical Link Control interface is pretty critical. But the changes are
> miniscule and probably won't cause any regressions.
> Eric Dumazet (1):
> llc: fix netdevice reference leaks in llc_ui_bind()
> net/llc/af_llc.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
Applied to impish:linux/master-next. Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the kernel-team