[SRU][K/J/HWE-5.17/F/OEM-5.14/B/X/T][PATCH 0/1] CVE-2022-3594 - r8152: Rate limit overflow messages
Timo Aaltonen
tjaalton at ubuntu.com
Thu Nov 17 12:33:32 UTC 2022
Thadeu Lima de Souza Cascardo kirjoitti 17.11.2022 klo 11.26:
> On Thu, Nov 17, 2022 at 09:23:41AM +0100, Stefan Bader wrote:
>> On 16.11.22 21:21, John Cabaj wrote:
>>> CVE-2022-3594
>>>
>>> [Impact]
>>>
>>> * Receipt of -EOVERFLOW from R8152 USB-Ethernet adapter spams kernel log messages
>>>
>>> [Fix]
>>>
>>> * Add a check to rate limit the kernel log message
>>>
>>> [Test case]
>>>
>>> * Only a kernel log message is impacted - compile and boot test
>>>
>>> [Potential regression]
>>>
>>> * Fixes a logging issue, no potential regressions
>>>
>>> Andrew Gaul (1):
>>> r8152: Rate limit overflow messages
>>>
>>> drivers/net/usb/r8152.c | 4 +++-
>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>
>>
>> Could this be missing OEM-6.0?
>>
>> -Stefan
>
> OEM-6.0 has not been promoted to -updates or -security pocket yet. But, yeah,
> we will have to catch up when it goes there. So likely, we want to revisit
> those CVEs really soon.
>
> Cascardo.
That's not true, -1006.6 was promoted to jammy-updates on Oct 26th ;)
That said, this is included in -1008.8 via stable updates.
--
t
More information about the kernel-team
mailing list