[UBUNTU Kinetic,OEM-6.0 0/1] CVE-2023-1032
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Mar 15 13:32:50 UTC 2023
[Impact]
An unprivileged user under memory cgroup constraints may crash the kernel
with a double free.
[Test case]
A PoC was tested in both 5.19 and 6.0 kernels. Without the fix, there is a kernel
BUG_ON. With the fix, the constrained process is only killed with OOM, but no BUG_ON
is observed.
[Potential regression]
The changed function is only used by io_uring, so only io_uring users would be
affected by any regressions.
Thadeu Lima de Souza Cascardo (1):
  net: avoid double iput when sock_alloc_file fails

 net/socket.c | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
--
2.34.1