APPLIED [OEM-5.17] Re: [SRU Jammy,OEM-5.17 0/1] CVE-2023-21400

Timo Aaltonen tjaalton at ubuntu.com
Fri Aug 4 11:58:43 UTC 2023


Thadeu Lima de Souza Cascardo kirjoitti 4.8.2023 klo 0.37:
> [Impact]
> Race condition on io_uring may lead to privilege escalation.
> 
> [Backport]
> Fix was specific to 5.15 and 5.10. It was cleanly cherry picked on 5.15,
> but needed adjustment on 5.17 to match that code that moved from
> io_iopoll_completed to io_do_iopoll as the former was open coded in the
> latter.
> 
> Later kernels are not affected as code has changed since 5.18.
> 
> [Potential regression]
> io_uring users using IOPOLL.
> 
> Jens Axboe (1):
>    io_uring: ensure IOPOLL locks around deferred work
> 
>   io_uring/io_uring.c | 25 +++++++++++++++++++++----
>   1 file changed, 21 insertions(+), 4 deletions(-)
> 

applied to oem-5.17, thanks

-- 
t




More information about the kernel-team mailing list