APPLIED[K]: [UBUNTU oem-5.14, jammy, oem-5.17, kinetic, oem-6.0, unstable 0/2] CVE-2022-4378
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Thu Jan 5 03:30:01 UTC 2023
Applied to kinetic:linux master-next
thanks,
- Luke
On Mon, Dec 12, 2022 at 1:07 PM Thadeu Lima de Souza Cascardo <
cascardo at canonical.com> wrote:
> [Impact]
> Unprivileged user could cause stack overflow when writing too many
> whitespaces on a sysctl file. Using user/network namespaces make it
> possible
> for unprivileged users.
>
> [Testing]
> A simple script was used to test it. The fix worked on the tested 5.14,
> 5.15,
> 5.19 and 6.1 kernels.
>
> [Potential regression]
> Writing to sysctl files may fail or parse incorrectly.
>
> Linus Torvalds (2):
> proc: proc_skip_spaces() shouldn't think it is working on C strings
> proc: avoid integer type confusion in get_proc_long
>
> kernel/sysctl.c | 30 +++++++++++++++---------------
> 1 file changed, 15 insertions(+), 15 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230104/9dfb3b2c/attachment.html>
More information about the kernel-team
mailing list