[UBUNTU OEM-5.7 0/1] CVE-2022-2590
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Tue Apr 4 13:55:13 UTC 2023
[Impact]
Attackers can write to shmem files (on tmpfs, for example) without having write permissions.
[Fix]
The upstream fix is not appropriate to 5.17 and the suggestion was to revert the offending commit.
[Test case]
PoC was tested and stopped working with the revert applied.
Thadeu Lima de Souza Cascardo (1):
UBUNTU: SAUCE: Revert "mm/shmem: unconditionally set pte dirty in
mfill_atomic_install_pte"
mm/shmem.c | 1 +
mm/userfaultfd.c | 3 ++-
2 files changed, 3 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list