[SRU][Focal][PATCH v2 0/2] CVE-2023-3268

Yuxuan Luo yuxuan.luo at canonical.com
Tue Jul 11 22:22:52 UTC 2023

An out of bounds (OOB) memory access flaw was found in the Linux kernel
in relay_file_read_start_pos in kernel/relay.c in the relayfs. This
flaw could allow a local attacker to crash the system or leak kernel
internal information.

There are clean cherry picks.

Only compile and boot tested so far, the test against proof of concept
will come up later.

[Potential Regression]
Expect low risk of regression.

Pengcheng Yang (1):
  kernel/relay.c: fix read_pos error when multiple readers

Zhang Zhengming (1):
  relayfs: fix out-of-bounds access in relay_file_read

 kernel/relay.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)


More information about the kernel-team mailing list