ACK: [SRU Kinetic 0/1] CVE-2022-47929
Tim Gardner
tim.gardner at canonical.com
Thu Mar 9 13:43:16 UTC 2023
On 3/9/23 4:34 AM, Cengiz Can wrote:
> [Impact]
> In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic
> control subsystem allows an unprivileged user to trigger a denial of service
> (system crash) via a crafted traffic control configuration that is set up with
> "tc qdisc" and "tc class" commands. This affects qdisc_graft in
> net/sched/sch_api.c.
>
> [Fix]
> Clean cherry pick froom upstream.
>
> [Test case]
> Compile, boot and PoC tested under KVM.
>
> [Potential regression]
> Low.
>
> Frederick Lawler (1):
> net: sched: disallow noqueue for qdisc classes
>
> net/sched/sch_api.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> --
> 2.37.2
>
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list