ACK: [SRU Kinetic 0/1] CVE-2022-47929

Luke Nowakowski-Krijger luke.nowakowskikrijger at canonical.com
Thu Mar 9 19:44:57 UTC 2023


Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger at canonical.com>

On Thu, Mar 9, 2023 at 3:35 AM Cengiz Can <cengiz.can at canonical.com> wrote:

> [Impact]
> In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the
> traffic
> control subsystem allows an unprivileged user to trigger a denial of
> service
> (system crash) via a crafted traffic control configuration that is set up
> with
> "tc qdisc" and "tc class" commands. This affects qdisc_graft in
> net/sched/sch_api.c.
>
> [Fix]
> Clean cherry pick froom upstream.
>
> [Test case]
> Compile, boot and PoC tested under KVM.
>
> [Potential regression]
> Low.
>
> Frederick Lawler (1):
>   net: sched: disallow noqueue for qdisc classes
>
>  net/sched/sch_api.c | 5 +++++
>  1 file changed, 5 insertions(+)
>
> --
> 2.37.2
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230309/57d8f815/attachment.html>


More information about the kernel-team mailing list