APPLIED/Cmnt: [SRU][F/J/K][PATCH 0/1] CVE-2023-1075
Stefan Bader
stefan.bader at canonical.com
Thu Apr 6 12:40:14 UTC 2023
On 30.03.23 23:19, Yuxuan Luo wrote:
> [Impact]
> It was discovered that the TLS subsystem in the Linux kernel contained a
> type confusion vulnerability in some situations. A local attacker could use
> this to cause a denial of service (system crash) or possibly expose
> sensitive information.
>
> [Backport]
> The commit 587903142308 (“tls: create an internal header”) splitted the
> include/net/tls.h and moved the vulnerable `tls_is_tx_ready()`. Though not
> having this commit causes cherry-pick conflict, it is not necessary to backport
> this commit. Instead, it is possible to modify the `is_tx_ready()` directly.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Very low.
>
> Pietro Borrello (1):
> net/tls: tls_is_tx_ready() checked list_entry
>
> include/net/tls.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Applied to kinetic,jammy,focal:linux/master-next adding the CVE
reference which we all missed missing. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230406/c65b1f6c/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230406/c65b1f6c/attachment-0001.sig>
More information about the kernel-team
mailing list