ACK/Cmnt: [SRU][Jammy][PATCH 0/1] CVE-2022-4379
Andrei Gherzan
andrei.gherzan at canonical.com
Fri Jan 27 09:40:18 UTC 2023
On Fri, 27 Jan 2023, 09:10 Stefan Bader, <stefan.bader at canonical.com> wrote:
> On 23.01.23 16:38, Andrei Gherzan wrote:
> > [Impact]
> >
> > A use-after-free vulnerability was found in __nfs42_ssc_open() in
> > fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to
> > conduct a remote denial.
> >
> > [Fix]
> >
> > Backported 75333d48f92256a0dec91dbf07835e804fc411c0 from upstream.
> > Backport was required (see the patch for more details).
> >
> > [Potential regression]
> >
> > None expected, low.
> >
> > [Tests]
> >
> > * Build test
> > * Runtime test
> > * boot a new Kinetic VM instance
> > * loaded nfsd kernel module
> > * exported on the VM a path and mounted on a client via NFSv4
> > * no errors or functionality impact observed
> >
> > Dai Ngo (1):
> > NFSD: fix use-after-free in __nfs42_ssc_open()
> >
> > fs/nfsd/nfs4proc.c | 22 ++++++----------------
> > 1 file changed, 6 insertions(+), 16 deletions(-)
> >
> Is this actually the same change as for Kinetic? Cannot tell but looking
> extremely similar... Even more reason that it should be ONE submission.
>
Noted. Thanks for the review.
Andrei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230127/014e174e/attachment.html>
More information about the kernel-team
mailing list