APPLIED: [SRU][L/K/J/F][PATCH 0/1] CVE-2022-31436
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Thu May 11 16:09:22 UTC 2023
Applied to focal,jammy,kinetic,lunar linux master-next
Thanks,
- Luke
On Thu, May 11, 2023 at 12:09 AM Yuxuan Luo <yuxuan.luo at canonical.com>
wrote:
> [Impact]
> When the MTU of the loopback device feeds a large number,
> net/sched/sch_qfq.c
> allows a out-of-bounds read/write error, detriment system's integrity.
>
> [Backport]
> It is a clean cherry pick for all affected releases.
>
> [Test]
> Compile and smoke tested via modprobe and rmmod the sch_fq module.
>
> [Potential Regression]
> Expecting little regression potential since the patch only adds an
> additional
> layer of checking without manipulating the memory.
>
> Gwangun Jung (1):
> net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
>
> net/sched/sch_qfq.c | 13 +++++++------
> 1 file changed, 7 insertions(+), 6 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230511/c991e79d/attachment.html>
More information about the kernel-team
mailing list