[SRU][J/L/M][PATCH 0/1] CVE-2023-5158
Yuxuan Luo
yuxuan.luo at canonical.com
Thu Oct 26 19:54:50 UTC 2023
[Impact]
A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the
host side of a virtio ring in the Linux Kernel. This issue may result in
a denial of service from guest to host via zero length descriptor.
[Backport]
It is a clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Expect low regression potential that's limited to vhost users.
Stefano Garzarella (1):
vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
drivers/vhost/vringh.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list