[SRU][OEM-6.0][PATCH 0/1] CVE-2023-26605
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Mar 27 18:14:42 UTC 2023
[Impact]
It was discovered that the file system writeback functionality in the Linux
kernel contained a user-after-free vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code.
[Backport]
Clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Very low, since the change was about wrapping an additional condition check
around existing code.
Svyatoslav Feldsherov (1):
fs: do not update freeing inode i_io_list
fs/fs-writeback.c | 30 +++++++++++++++++++-----------
1 file changed, 19 insertions(+), 11 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list