ACK: [UBUNTU Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0 0/1] CVE-2023-1281

Stefan Bader stefan.bader at canonical.com
Thu Mar 16 08:49:10 UTC 2023 

On 15.03.23 16:20, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may exploit a use-after-free condition with the tcindex
> classifier, leading to possible local escalation of privilege.
> 
> [Backport]
> The fix uses rcu_replace_pointer, which was not available on 4.15 and 5.4.
> A backport to add it was done on those branches.
> 
> The tcindex classifier was removed on 6.1 and 6.2 kernels.
> 
> [Potential regression]
> Only tcindex classifiers are under risk of regressions.
> 
> 
> Paul E. McKenney (1):
>    rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
> 
> Pedro Tammela (1):
>    net/sched: tcindex: update imperfect hash filters respecting rcu
> 
>   include/linux/rcupdate.h | 18 ++++++++++++++++++
>   net/sched/cls_tcindex.c  | 34 ++++++++++++++++++++++++++++++----
>   2 files changed, 48 insertions(+), 4 deletions(-)
> 

Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230316/5499d4be/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230316/5499d4be/attachment-0001.sig>

More information about the kernel-team mailing list