ACK: [UBUNTU Kinetic,OEM-6.0 0/1] CVE-2023-1032
Stefan Bader
stefan.bader at canonical.com
Thu Mar 16 08:52:41 UTC 2023
On 15.03.23 14:32, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user under memory cgroup constraints may crash the kernel
> with a double free.
>
> [Test case]
> A PoC was tested in both 5.19 and 6.0 kernels. Without the fix, there is a kernel
> BUG_ON. With the fix, the constrained process is only killed with OOM, but no BUG_ON
> is observed.
>
> [Potential regression]
> The changed function is only used by io_uring, so only io_uring users would be
> affected by any regressions.
>
> Thadeu Lima de Souza Cascardo (1):
> net: avoid double iput when sock_alloc_file fails
>
> net/socket.c | 11 ++++-------
> 1 file changed, 4 insertions(+), 7 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230316/658cb720/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230316/658cb720/attachment-0001.sig>
More information about the kernel-team
mailing list