[SRU][Jammy-OEM-6.0/OEM-6.1][PATCH 0/3] CVE-2023-4128

Yuxuan Luo yuxuan.luo at canonical.com
Thu Aug 17 19:41:03 UTC 2023


On 8/17/23 14:22, Cengiz Can wrote:
> On 17/08/2023 01:13, Yuxuan Luo wrote:
>> [Impact]
>> A use-after-free flaw was found in net/sched/cls_fw.c in classifiers
>> (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a
>> local attacker to perform a local privilege escalation due to incorrect
>> handling of the existing filter, leading to a kernel information leak
>> issue.
>
> This does cover Jammy and yet there's another thread covering Jammy as 
> well.
>
> Is this one still valid?
Yes, this one is for OEM kernels, which produce a clean git apply, avoiding 
an awkward situation where they cherry-pick cleanly on their own but 
can't share the same .patch file.
>
>> [Backport]
>> Clean cherry picks.
>>
>> [Test]
>> Smoke tested by adding corresponding filters using `tc`.
>>
>> [Potential Regression]
>> Expect low regression potential.
>>
>> valis (3):
>>    net/sched: cls_u32: No longer copy tcf_result on update to avoid
>>      use-after-free
>>    net/sched: cls_fw: No longer copy tcf_result on update to avoid
>>      use-after-free
>>    net/sched: cls_route: No longer copy tcf_result on update to avoid
>>      use-after-free
>>
>>   net/sched/cls_fw.c    | 1 -
>>   net/sched/cls_route.c | 1 -
>>   net/sched/cls_u32.c   | 1 -
>>   3 files changed, 3 deletions(-)
>>


