ACK: [SRU K,HWE-5.17,J,OEM-5.14,F,B 0/1] CVE-2022-3524
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Thu Nov 17 19:15:49 UTC 2022
- Previous message (by thread): [SRU K, HWE-5.17, J, OEM-5.14, F, B 1/1] tcp/udp: Fix memory leak in ipv6_renew_options().
- Next message (by thread): ACK: [SRU K,HWE-5.17,J,OEM-5.14,F,B 0/1] CVE-2022-3524
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger at canonical.com>
On Wed, Nov 16, 2022 at 5:09 PM Thadeu Lima de Souza Cascardo <
cascardo at canonical.com> wrote:
> [Impact]
> A race condition between setsockopt(IPV6_ADDRFORM) and
> setsockopt(IPV6_DSTOPTS)
> may lead to a memory leak. A local attacker could use this to cause a
> denial of service.
>
> [Backport]
> A single conflict was fixed for all versions. release_sock has been
> replaced
> by sockopt_release_sock upstream, which introduces a new support for BPF
> calling setsockopt. So, not something we should backport under risk of
> regressions.
>
> [Potential regression]
> Programs using setsockopt and mixing IPv6 and IPv4 sockets might fail.
>
> Kuniyuki Iwashima (1):
> tcp/udp: Fix memory leak in ipv6_renew_options().
>
> net/ipv6/ipv6_sockglue.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20221117/4bc2f8e7/attachment.html>
- Previous message (by thread): [SRU K, HWE-5.17, J, OEM-5.14, F, B 1/1] tcp/udp: Fix memory leak in ipv6_renew_options().
- Next message (by thread): ACK: [SRU K,HWE-5.17,J,OEM-5.14,F,B 0/1] CVE-2022-3524
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the kernel-team
mailing list