[SRU][Mantic][Lunar][Jammy][PATCH v3 0/1] CVE-2023-6176
Bethany Jamison
bethany.jamison at canonical.com
Tue Nov 21 21:04:15 UTC 2023
[Impact]
A null pointer dereference flaw was found in the Linux kernel API for the
cryptographic algorithm scatterwalk functionality. This issue occurs when a
user constructs a malicious packet with specific socket configuration,
which could allow a local user to crash the system or escalate their
privileges on the system.
[Fix]
Clean cherry-pick.
[Test Case]
Compile and boot test.
[Where problems could occur]
Issues could occur in tls.
v2:
added Jammy and Lunar tags to patch 1/1
v3:
added provenance line
Liu Jian (1):
net/tls: do not free tls_rec on async operation in
bpf_exec_tx_verdict()
net/tls/tls_sw.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list