[SRU][Focal][PATCH 0/1] CVE-2023-1611
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Jun 26 21:21:39 UTC 2023
[Impact]
It was discovered that a race condition existed in the btrfs file system
implementation in the Linux kernel, leading to a use-after-free vulnerability.
A privileged local attacker could use this to cause a denial of service (system
crash) or possibly expose sensitive information.
[Backport]
The conflict in qgroup.c can be ignored since their functionality are the same.
[Test]
Compile and smoke tested via make a btrfs loopdev and mount it.
[Potential Regression]
Expect minimal regression.
Filipe Manana (1):
btrfs: fix race between quota disable and quota assign ioctls
fs/btrfs/ioctl.c | 2 ++
fs/btrfs/qgroup.c | 11 ++++++++++-
2 files changed, 12 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list