APPLIED Re: [OEM-5.14, OEM-5.17][PATCH 0/1] CVE-2022-3545
Timo Aaltonen
tjaalton at ubuntu.com
Mon Jan 23 10:25:15 UTC 2023
Yuxuan Luo kirjoitti 20.1.2023 klo 23.15:
> [Impact]
> Under certain circumstance, the nfp has an use-after-free vulnerability.
> The generic kernels were patched, but not OEM kernels.
>
> [Backport]
> They are all clean cherry-picks.
>
> [Potential Regression]
> Regression is scoped in nfp_cppcore.c
>
> [Test]
> Compile tested and smoked tested on generic kernels.
>
> Jialiang Wang (1):
> nfp: fix use-after-free in area_cache_get()
>
> drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
applied to oem-5.14 and oem-5.17, thanks
--
t
More information about the kernel-team
mailing list