ACK: [UBUNTU Kinetic,OEM-6.0 0/1] CVE-2023-1032
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Thu Mar 16 20:11:27 UTC 2023
Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger at canonical.com>
On Wed, Mar 15, 2023 at 6:34 AM Thadeu Lima de Souza Cascardo <
cascardo at canonical.com> wrote:
> [Impact]
> An unprivileged user under memory cgroup constraints may crash the kernel
> with a double free.
>
> [Test case]
> A PoC was tested in both 5.19 and 6.0 kernels. Without the fix, there is a
> kernel
> BUG_ON. With the fix, the constrained process is only killed with OOM, but
> no BUG_ON
> is observed.
>
> [Potential regression]
> The changed function is only used by io_uring, so only io_uring users
> would be
> affected by any regressions.
>
> Thadeu Lima de Souza Cascardo (1):
> net: avoid double iput when sock_alloc_file fails
>
> net/socket.c | 11 ++++-------
> 1 file changed, 4 insertions(+), 7 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230316/5b3fa71f/attachment.html>
More information about the kernel-team
mailing list