ACK: [SRU Focal, Jammy, OEM-5.17, Kinetic, OEM-6.0, Lunar PATCH 0/1] CVE-2023-2124

[Stefan Bader]

On 12.06.23 11:42, Cengiz Can wrote:
> [Impact]
> An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file
> system in how a user restores an XFS image after failure (with a dirty log
> journal). This flaw allows a local user to crash or potentially escalate their
> privileges on the system.
> 
> [Fix]
> Cherry picked from upstream. Focal lacks commit 1094d3f12363 ("xfs: refactor log
> recovery buffer item dispatch for pass2 commit functions") so the logic block
> seems to be in another file. For Focal, patched that file and function
> instead.
> 
> [Test case]
> Compile and boot tested for all.
> 
> Ran xfstests test suite's 800 tests on both unpatched and patched Focal.
> Failures are similar on both.
> 
> [Potential regression]
> Users of XFS filesystem might be affected. Although very unlikely.
> 
> Darrick J. Wong (1):
>    xfs: verify buffer contents when we skip log replay
> 
>   fs/xfs/xfs_buf_item_recover.c | 10 ++++++++++
>   1 file changed, 10 insertions(+)
> 
> 

Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230614/b37b3642/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230614/b37b3642/attachment-0001.sig>