[SRU][K/J/F] CVE-2022-3625
Yuxuan Luo
yuxuan.luo at canonical.com
Fri Nov 11 15:39:10 UTC 2022
[Impact]
After a failed devlink reload, devlink parameters are still registered,
which means user space can set and get their values. In the case of the
mlxsw "acl_region_rehash_interval" parameter, these operations will
trigger a use-after-free.
[Backport]
It is a clean backport for Kinetic, Jammy and Focal.
[Potential Regression]
There is no potential regression.
Ido Schimmel (1):
devlink: Fix use-after-free after a failed reload
net/core/devlink.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list