APPLIED: [SRU][Bionic][PATCH 0/1] Fix for CVE-2021-43975
Stefan Bader
stefan.bader at canonical.com
Mon Mar 14 10:44:27 UTC 2022
On 18.02.22 18:50, Bartlomiej Zolnierkiewicz wrote:
> [Impact]
> In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in
> drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an
> attacker (who can introduce a crafted device) to trigger an out-of-bounds
> write via a crafted length value.
>
> [Fix]
> b922f622592a ("atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait")
>
> The fix was cherry picked clean and builds fine.
>
> [Potential regression]
> This change is limited to the aquantia ethernet device driver and is already
> present in Focal/Impish/Jammy kernels.
>
>
> Zekun Shen (1):
> atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
>
> .../ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
Applied to bionic:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220314/e8fa1143/attachment.sig>
More information about the kernel-team
mailing list