[SRU][Focal][PATCH v2 0/2] CVE-2023-3268

Yuxuan Luo yuxuan.luo at canonical.com
Tue Jul 11 22:22:52 UTC 2023


[Impact]
An out of bounds (OOB) memory access flaw was found in the Linux kernel
in relay_file_read_start_pos in kernel/relay.c in the relayfs. This
flaw could allow a local attacker to crash the system or leak kernel
internal information.

[Backport]
There are clean cherry picks.

[Test]
Only compile and boot tested so far; the test against the proof of
concept will come later.

[Potential Regression]
Expect low risk of regression.

Pengcheng Yang (1):
  kernel/relay.c: fix read_pos error when multiple readers

Zhang Zhengming (1):
  relayfs: fix out-of-bounds access in relay_file_read

 kernel/relay.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

-- 
2.34.1
