[SRU Jammy,OEM-5.17 0/1] CVE-2023-21400

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Thu Aug 3 21:37:09 UTC 2023


[Impact]
Race condition on io_uring may lead to privilege escalation.

[Backport]
Fix was specific to 5.15 and 5.10. It was cleanly cherry-picked on 5.15,
but needed adjustment on 5.17 to match the code that moved from
io_iopoll_completed to io_do_iopoll as the former was open coded in the
latter.

Later kernels are not affected as code has changed since 5.18.

[Potential regression]
io_uring users using IOPOLL.

Jens Axboe (1):
  io_uring: ensure IOPOLL locks around deferred work

 io_uring/io_uring.c | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

-- 
2.34.1



