APPLIED [OEM-5.17] Re: [SRU Jammy,OEM-5.17 0/1] CVE-2023-21400
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 4 11:58:43 UTC 2023
Thadeu Lima de Souza Cascardo kirjoitti 4.8.2023 klo 0.37:
> [Impact]
> Race condition on io_uring may lead to privilege escalation.
>
> [Backport]
> Fix was specific to 5.15 and 5.10. It was cleanly cherry picked on 5.15,
> but needed adjustment on 5.17 to match that code that moved from
> io_iopoll_completed to io_do_iopoll as the former was open coded in the
> latter.
>
> Later kernels are not affected as code has changed since 5.18.
>
> [Potential regression]
> io_uring users using IOPOLL.
>
> Jens Axboe (1):
> io_uring: ensure IOPOLL locks around deferred work
>
> io_uring/io_uring.c | 25 +++++++++++++++++++++----
> 1 file changed, 21 insertions(+), 4 deletions(-)
>
applied to oem-5.17, thanks
--
t
More information about the kernel-team
mailing list