[SRU Focal, Jammy, OEM-5.17, Kinetic, OEM-6.0, Lunar PATCH 0/1] CVE-2023-2124

[Cengiz Can]

[Impact]
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file
system in how a user restores an XFS image after failure (with a dirty log
journal). This flaw allows a local user to crash or potentially escalate their
privileges on the system.

[Fix]
Cherry picked from upstream. Focal lacks commit 1094d3f12363 ("xfs: refactor log
recovery buffer item dispatch for pass2 commit functions") so the logic block
seems to be in another file. For Focal, patched that file and function
instead.

[Test case]
Compile and boot tested for all.

Ran xfstests test suite's 800 tests on both unpatched and patched Focal. 
Failures are similar on both.

[Potential regression]
Users of XFS filesystem might be affected. Although very unlikely.

Darrick J. Wong (1):
  xfs: verify buffer contents when we skip log replay

 fs/xfs/xfs_buf_item_recover.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

-- 
2.39.2