ACK: [SRU][Jammy/oem-6.0][PATCH 0/1] Fix CVE-2022-4379
Tim Gardner
tim.gardner at canonical.com
Fri Feb 3 13:45:50 UTC 2023
On 2/1/23 9:56 AM, Andrei Gherzan wrote:
> [Impact]
>
> A use-after-free vulnerability was found in __nfs42_ssc_open() in
> fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to
> conduct a remote denial.
>
> [Fix]
>
> Backported 75333d48f92256a0dec91dbf07835e804fc411c0 from upstream. This
> patch landed only from 6.2 which also includes 754035ff79a1 ("NFSD
> enforce filehandle check for source file in COPY") which adds a check
> for filehandle in copy so that server correctly returns
> NFS4ERR_WRONG_TYPE when the file is not a regular file. This changed the
> patch context for the nfsd4_do_async_copy chunk.
>
> [Potential regression]
>
> None expected, low.
>
> [Tests]
>
> * Build test
> * Runtime test
> * boot a new Jammy VM instance
> * loaded nfsd kernel module
>
> Dai Ngo (1):
> NFSD: fix use-after-free in __nfs42_ssc_open()
>
> fs/nfsd/nfs4proc.c | 20 +++++---------------
> 1 file changed, 5 insertions(+), 15 deletions(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list