ACK: [SRU][K/J/F] CVE-2022-3625

Kleber Souza kleber.sacilotto.de.souza at canonical.com
Mon Nov 14 10:34:27 UTC 2022


On 11.11.22 16:39, Yuxuan Luo wrote:
> [Impact]
> After a failed devlink reload, devlink parameters are still registered,
> which means user space can set and get their values. In the case of the
> mlxsw "acl_region_rehash_interval" parameter, these operations will
> trigger a use-after-free.
> 
> [Backport]
> It is a clean backport for Kinetic, Jammy and Focal.
> 
> [Potential Regression]
> There is no potential regression.
> 
> Ido Schimmel (1):
>    devlink: Fix use-after-free after a failed reload
> 
>   net/core/devlink.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 


Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>

Thanks



More information about the kernel-team mailing list