[SRU][Focal/Lunar][PATCH 0/1] CVE-2023-3212
Stefan Bader
stefan.bader at canonical.com
Thu Aug 17 07:49:40 UTC 2023
On 16.08.23 20:53, Yuxuan Luo wrote:
>
> On 8/16/23 04:28, Stefan Bader wrote:
>> On 15.08.23 18:24, Yuxuan Luo wrote:
>>> [Impact]
>>> Yang Lan discovered that the GFS2 file system implementation in the
>>> Linux kernel could attempt to dereference a null pointer in some
>>> situations. An attacker could use this to construct a malicious GFS2
>>> image that, when mounted and operated on, could cause a denial of
>>> service (system crash).
>>
>> Why is Jammy not affected?
>
> Good catch. UCT shows that Jammy is `pending (5.15.0-83.92)`. My local
>
> cranky/master-next:linux-meta/debian/changelog only shows up to 83.80,
You should re-fetch. I was temporarily behind for master-next but the
branch is updated now.
>
> I assume it has already been fetched in Jammy's tree somewhere else.
Looks like it was included via v5.15.116 upstream stable.
>
>>
>>>
>>> [Backport]
>>> For Lunar, it is a clean cherry pick.
>>> For Focal, there is a conflict revolving the `if
>>> (test_bit(GIF_ALLOC_FAILED, &ip->i_flags)) {` line which requires
>>> 9e73330f298a (“gfs2: Try harder to delete inodes locally”) commit.
>>> However, even though the aforementioned conflicting line was modified to
>>> what it is now in the fix commit, it is not related to the fix, ignore
>>> it.
>>>
>>> [Test]
>>> Tested via mount and umount gfs2.
>>>
>>> [Potential Regression]
>>> Expect no regression.
>>>
>>>
>>> Bob Peterson (1):
>>> gfs2: Don't deref jdesc in evict
>>>
>>> fs/gfs2/super.c | 8 ++++++++
>>> 1 file changed, 8 insertions(+)
>>>
>>
Thanks,
- Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230817/6501ffe6/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230817/6501ffe6/attachment-0001.sig>
More information about the kernel-team
mailing list