APPLIED Re: [SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-32269
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 4 09:50:13 UTC 2023
Thadeu Lima de Souza Cascardo wrote on 31.7.2023 at 23.25:
> [Impact]
> It was discovered that the NET/ROM protocol implementation in the Linux
> kernel contained a race condition in some situations, leading to a use-
> after-free vulnerability. A local attacker could use this to cause a denial
> of service (system crash) or possibly execute arbitrary code.
>
> [Potential regression]
> NET/ROM users may notice regressions, especially if trying to listen to
> reused sockets.
>
> Hyunwoo Kim (1):
> netrom: Fix use-after-free caused by accept on already connected
> socket
>
> net/netrom/af_netrom.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
applied to oem-5.17, -6.0, thanks
--
t