[SRU][L/K/J/F][PATCH 0/1] CVE-2022-31436
Yuxuan Luo
yuxuan.luo at canonical.com
Wed May 10 22:09:16 UTC 2023
[Impact]
When the MTU of the loopback device feeds a large number, net/sched/sch_qfq.c
allows a out-of-bounds read/write error, detriment system's integrity.
[Backport]
It is a clean cherry pick for all affected releases.
[Test]
Compile and smoke tested via modprobe and rmmod the sch_fq module.
[Potential Regression]
Expecting little regression potential since the patch only adds an additional
layer of checking without manipulating the memory.
Gwangun Jung (1):
net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
net/sched/sch_qfq.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list