ACK: [SRU][J/K][PATCH 0/1] CVE-2023-0266
Stefan Bader
stefan.bader at canonical.com
Thu Feb 16 09:19:25 UTC 2023
On 15.02.23 00:56, Yuxuan Luo wrote:
> [Impact]
> There exists a vulnerability triggering trace in ALSA PCM package for
> specifically 32-bit machines which consequences in calling a sequence sensitive
> function without a lock. This issue may lead to a use-after-free that results
> in a priviledge escalation.
>
> [Backport]
> Clean cherry pick on both releases.
>
> [Test]
> Compile and smoke tested.
>
> [Potential Regression]
> Potential regression resides in `control.c` and `control_compat.c` files with
> likely low risk.
>
> Clement Lecigne (1):
> ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
>
> sound/core/control.c | 24 +++++++++++++++---------
> 1 file changed, 15 insertions(+), 9 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230216/13e807fa/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230216/13e807fa/attachment-0001.sig>
More information about the kernel-team
mailing list