ACK: [UBUNTU OEM-6.0 0/2] CVE-2022-43945
Cengiz Can
cengiz.can at canonical.com
Fri Feb 3 03:23:08 UTC 2023
On 23-01-27 15:32:19, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> A malicious client can cause a buffer overflow on the nfsd server by sending
> a crafted RPC message.
>
> [Backport]
> Missing two commits on 6.0 that were already applied to other kernels.
>
> [Potential regression]
> NFSD servers might misbehave.
>
> Chuck Lever (2):
> NFSD: Remove "inline" directives on op_rsize_bop helpers
> NFSD: Cap rsize_bop result based on send buffer size
Acked-by: Cengiz Can <cengiz.can at canonical.com>
>
> fs/nfsd/nfs4proc.c | 169 ++++++++++++++++++++++++++-------------------
> fs/nfsd/xdr4.h | 3 +-
> 2 files changed, 101 insertions(+), 71 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list