[SRU OEM-5.17 0/1] CVE-2023-3812
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Aug 4 14:16:50 UTC 2023
[Impact]
An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP
device driver functionality in how a user generates a malicious (too big)
networking packet when napi frags is enabled. This flaw allows a local user
to crash or potentially escalate their privileges on the system.
[Potential regression]
TUN/TAP users may find regressions.
Ziyang Xuan (1):
net: tun: fix bugs for oversize packet when napi frags enabled
drivers/net/tun.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list