[SRU Lunar 0/1] CVE-2023-25775
Cengiz Can
cengiz.can at canonical.com
Sat Oct 28 03:38:02 UTC 2023
[Impact]
Improper access control in the Intel(R) Ethernet Controller RDMA driver for
linux before version 1.9.30 may allow an unauthenticated user to potentially
enable escalation of privilege via network access.
[Fix]
Cherry picked from upstream.
[Test case]
Since it requires a 100Gbit NIC, compile and boot tested only.
[Potential regression]
Low regression potential, since the fix has been around August 2023.
Christopher Bednarz (1):
RDMA/irdma: Prevent zero-length STAG registration
drivers/infiniband/hw/irdma/ctrl.c | 6 ++++++
drivers/infiniband/hw/irdma/type.h | 2 ++
drivers/infiniband/hw/irdma/verbs.c | 10 ++++++++--
3 files changed, 16 insertions(+), 2 deletions(-)
--
2.39.2
More information about the kernel-team
mailing list