APPLIED: [SRU][J/L/M][PATCH 0/1] CVE-2023-5158

Roxana Nicolescu roxana.nicolescu at canonical.com
Fri Oct 27 11:19:36 UTC 2023


On 26/10/2023 21:54, Yuxuan Luo wrote:
> [Impact]
> A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the
> host side of a virtio ring in the Linux Kernel. This issue may result in
> a denial of service from guest to host via zero length descriptor.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Expect low regression potential that's limited to vhost users.
>
>
> Stefano Garzarella (1):
>    vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
>
>   drivers/vhost/vringh.c | 12 +++++++++++-
>   1 file changed, 11 insertions(+), 1 deletion(-)
>
Applied to m,l,j:master-next. Thanks!

Roxana



More information about the kernel-team mailing list