ACK: [SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-32269

Tim Gardner tim.gardner at canonical.com
Tue Aug 1 12:57:35 UTC 2023


On 7/31/23 2:25 PM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
>   It was discovered that the NET/ROM protocol implementation in the Linux
>   kernel contained a race condition in some situations, leading to a use-
>   after-free vulnerability. A local attacker could use this to cause a denial
>   of service (system crash) or possibly execute arbitrary code.
> 
> [Potential regression]
> NET/ROM users may notice regressions, especially if trying to listen to
> reused sockets.
> 
> Hyunwoo Kim (1):
>    netrom: Fix use-after-free caused by accept on already connected
>      socket
> 
>   net/netrom/af_netrom.c | 5 +++++
>   1 file changed, 5 insertions(+)
> 
Acked-by: Tim Gardner <tim.gardner at canonical.com>
-- 
-----------
Tim Gardner
Canonical, Inc



