[SRU][F/J/K/L][PATCH 0/1] CVE-2023-3090

Yuxuan Luo yuxuan.luo at canonical.com
Mon Jul 3 21:23:45 UTC 2023


[Impact]
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network
driver can be exploited to achieve local privilege escalation.

[Backport]
Clean cherry pick.

[Test]
Compile and boot tested.

[Potential Regression]
Expect very low regression potential.

t.feng (1):
  ipvlan:Fix out-of-bounds caused by unclear skb->cb

 drivers/net/ipvlan/ipvlan_core.c | 6 ++++++
 1 file changed, 6 insertions(+)

-- 
2.34.1




More information about the kernel-team mailing list