APPLIED: [SRU][Bionic][PATCH 0/1] Fix for CVE-2021-43975
stefan.bader at canonical.com
Mon Mar 14 10:44:27 UTC 2022
On 18.02.22 18:50, Bartlomiej Zolnierkiewicz wrote:
> In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in
> drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an
> attacker (who can introduce a crafted device) to trigger an out-of-bounds
> write via a crafted length value.
> b922f622592a ("atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait")
> The fix was cherry picked clean and builds fine.
> [Potential regression]
> This change is limited to the aquantia ethernet device driver and is already
> present in Focal/Impish/Jammy kernels.
> Zekun Shen (1):
> atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
> .../ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
Applied to bionic:linux/master-next. Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the kernel-team