[SRU][OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-23455
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Apr 5 19:53:05 UTC 2023
[Impact]
Kyle Zeng discovered that the ATM VC queuing discipline implementation in
the Linux kernel contained a type confusion vulnerability in some
situations. An attacker could use this to cause a denial of service (system
crash).
[Backport]
Clean cherry pick.
[Test]
Compile and smoke tested by modprobe/rmmod sch_net.
[Potential Regression]
Very low, since this fix only add an exception to a condition checking.
Jamal Hadi Salim (1):
net: sched: atm: dont intepret cls results when asked to drop
net/sched/sch_atm.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list