[SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-2162

Yuxuan Luo yuxuan.luo at canonical.com
Mon Jul 31 18:28:01 UTC 2023

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in 
drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this 
flaw an attacker could leak kernel internal information. 

It is a clean cherry pick.

Boot tested.

[Potential Regression]
Expecting low regression potential.

Mike Christie (1):
  scsi: iscsi_tcp: Fix UAF during login when accessing the shost

 drivers/scsi/iscsi_tcp.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)


More information about the kernel-team mailing list