APPLIED: [SRU Lunar 0/1] CVE-2023-25775
Stefan Bader
stefan.bader at canonical.com
Mon Oct 30 09:32:23 UTC 2023
On 28.10.23 05:38, Cengiz Can wrote:
> [Impact]
> Improper access control in the Intel(R) Ethernet Controller RDMA driver for
> linux before version 1.9.30 may allow an unauthenticated user to potentially
> enable escalation of privilege via network access.
>
> [Fix]
> Cherry picked from upstream.
>
> [Test case]
> Since it requires a 100Gbit NIC, compile and boot tested only.
>
> [Potential regression]
> Low regression potential, since the fix has been around August 2023.
>
> Christopher Bednarz (1):
> RDMA/irdma: Prevent zero-length STAG registration
>
> drivers/infiniband/hw/irdma/ctrl.c | 6 ++++++
> drivers/infiniband/hw/irdma/type.h | 2 ++
> drivers/infiniband/hw/irdma/verbs.c | 10 ++++++++--
> 3 files changed, 16 insertions(+), 2 deletions(-)
>
Applied to lunar:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20231030/456e1fd9/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20231030/456e1fd9/attachment-0001.sig>
More information about the kernel-team
mailing list