ACK/Cmnt: [SRU][Focal/Jammy/Lunar][PATCH 0/3] CVE-2023-4128
Stefan Bader
stefan.bader at canonical.com
Thu Aug 17 07:37:01 UTC 2023
On 17.08.23 00:14, Yuxuan Luo wrote:
> [Impact]
> A use-after-free flaw was found in net/sched/cls_fw.c in classifiers
> (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a
> local attacker to perform a local privilege escalation due to incorrect
> handling of the existing filter, leading to a kernel information leak
> issue.
>
> [Backport]
> Clean cherry picks.
With patches like this which appear near identical except the slight
variation in file name, it is helpful to point this out to avoid a
confused reviewer. ;)
>
> [Test]
> Smoke tested by adding corresponding filters using `tc`.
>
> [Potential Regression]
> Expect low regression potential.
>
> valis (3):
> net/sched: cls_u32: No longer copy tcf_result on update to avoid
> use-after-free
> net/sched: cls_fw: No longer copy tcf_result on update to avoid
> use-after-free
> net/sched: cls_route: No longer copy tcf_result on update to avoid
> use-after-free
>
> net/sched/cls_fw.c | 1 -
> net/sched/cls_route.c | 1 -
> net/sched/cls_u32.c | 1 -
> 3 files changed, 3 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230817/71fc49e6/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230817/71fc49e6/attachment-0001.sig>
More information about the kernel-team
mailing list