ACK: [SRU OEM-5.17 0/1] CVE-2022-3586
Andrei Gherzan
andrei.gherzan at canonical.com
Thu Apr 6 09:53:09 UTC 2023
On 23/04/06 04:09AM, Cengiz Can wrote:
> [Impact]
> A flaw was found in the Linux kernel’s networking code. A use-after-free was
> found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb
> field after the same SKB had been enqueued (and freed) into a child qdisc.
> This flaw allows a local, unprivileged user to crash the system, causing a
> denial of service.
>
> [Fix]
> Cherry picked from upstream.
>
> [Test case]
> Boot and basic network functionality tested with ntopng and wget.
>
> [Potential regression]
> Low. Fix has been in other kernels for quite a while now.
>
> Toke Høiland-Jørgensen (1):
> sch_sfb: Don't assume the skb is still around after enqueueing to
> child
>
> net/sched/sch_sfb.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> --
> 2.37.2
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Andrei Gherzan <andrei.gherzan at canonical.com>
--
Andrei Gherzan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230406/9e078514/attachment.sig>
More information about the kernel-team
mailing list