ACK: [SRU OEM-5.14/HWE-5.17 0/1] CVE-2022-26365
Cory Todd
cory.todd at canonical.com
Mon Oct 17 16:45:04 UTC 2022
On Sat, Oct 15, 2022 at 02:48:40AM +0300, Cengiz Can wrote:
> [Impact]
> Linux disk/nic frontends data leaks [This CNA information record relates
> to multiple CVEs; the text explains which aspects/vulnerabilities
> correspond to which CVE.] Linux Block and Network PV device frontends
> don’t zero memory regions before sharing them with the backend
> (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the
> grant table doesn’t allow sharing less than a 4K page, leading to
> unrelated data residing in the same 4K page as data shared with a
> backend being accessible by such backend (CVE-2022-33741,
> CVE-2022-33742).
>
> [Fix]
> This is the first fix in a chain of CVEs. It is already in all except
> oem-5.14 and hwe-5.17.
>
> [Test case]
> Compile and boot tested on KVM only.
>
> [Potential regression]
> Low. Since it only forces two page allocations to be zeroed first.
>
> Roger Pau Monne (1):
> xen/blkfront: fix leaking data in shared pages
>
> drivers/block/xen-blkfront.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
Acked-by: Cory Todd <cory.todd at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20221017/f3e99f02/attachment.sig>
More information about the kernel-team
mailing list