ACK: [SRU Lunar 0/1] CVE-2023-25775
Roxana Nicolescu
roxana.nicolescu at canonical.com
Mon Oct 30 09:13:21 UTC 2023
On 28/10/2023 05:38, Cengiz Can wrote:
> [Impact]
> Improper access control in the Intel(R) Ethernet Controller RDMA driver for
> linux before version 1.9.30 may allow an unauthenticated user to potentially
> enable escalation of privilege via network access.
>
> [Fix]
> Cherry picked from upstream.
>
> [Test case]
> Since it requires a 100Gbit NIC, compile and boot tested only.
>
> [Potential regression]
> Low regression potential, since the fix has been around August 2023.
>
> Christopher Bednarz (1):
> RDMA/irdma: Prevent zero-length STAG registration
>
> drivers/infiniband/hw/irdma/ctrl.c | 6 ++++++
> drivers/infiniband/hw/irdma/type.h | 2 ++
> drivers/infiniband/hw/irdma/verbs.c | 10 ++++++++--
> 3 files changed, 16 insertions(+), 2 deletions(-)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu at canonical.com>
More information about the kernel-team
mailing list