ACK: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-31436

Tim Gardner tim.gardner at canonical.com
Tue Aug 1 12:56:58 UTC 2023


On 7/31/23 1:26 PM, Yuxuan Luo wrote:
> [Impact]
> When the MTU of the loopback device feeds a large number, net/sched/sch_qfq.c
> allows a out-of-bounds read/write error, detriment system's integrity.
> 
> [Backport]
> It is a clean cherry pick.
> 
> [Test]
> Compile and smoke tested via modprobe and rmmod the sch_fq module.
> 
> [Potential Regression]
> Expecting little regression potential since the patch only adds an additional
> layer of checking without manipulating the memory.
> 
> Gwangun Jung (1):
>    net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
> 
>   net/sched/sch_qfq.c | 13 +++++++------
>   1 file changed, 7 insertions(+), 6 deletions(-)
> 
Acked-by: Tim Gardner <tim.gardner at canonical.com>
-- 
-----------
Tim Gardner
Canonical, Inc




More information about the kernel-team mailing list