[SRU][F/J/L linux][PATCH 0/1] CVE-2023-34319
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Sep 25 22:07:49 UTC 2023
[Impact]
Ross Lagerwall discovered that the Xen netback backend driver in the
Linux kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An
attacker in a guest VM could use this to cause a denial of service (host
system crash) or possibly execute arbitrary code.
[Backport]
All clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Expect low regression potential since it has already been backported in
the same way to multiple stable branches.
Ross Lagerwall (1):
xen/netback: Fix buffer overrun triggered by unusual packet
drivers/net/xen-netback/netback.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
--
2.34.1