APPLIED [OEM-6.1] Re: [SRU][Focal/Jammy/Lunar][PATCH 0/1] CVE-2023-4881

Timo Aaltonen tjaalton at ubuntu.com
Thu Sep 28 11:38:33 UTC 2023


Yuxuan Luo wrote on 19.9.2023 at 0.31:
> [Impact]
> A stack-based out-of-bounds write flaw was found in the netfilter
> subsystem in the Linux kernel. If the expression length is a multiple of
> 4 (register size), the `nft_exthdr_eval` family of functions writes 4
> NULL bytes past the end of the `regs` argument, leading to stack
> corruption and potential information disclosure or a denial of service.
> 
> [Backport]
> The fix commit fixes four occurrences introduced by different break
> commits. Since not all break commits are present in the Focal tree, some
> hunks are ignored and the rest are backported.
> For Jammy and Lunar, it is a clean cherry pick.
> 
> [Test]
> Only a boot test is performed so far, more comprehensive tests will come
> in a few days.
> 
> [Potential Regression]
> The regression should be limited within the modified file.
> 
> Florian Westphal (1):
>    netfilter: nftables: exthdr: fix 4-byte stack OOB write
> 
>   net/netfilter/nft_exthdr.c | 22 ++++++++++++++--------
>   1 file changed, 14 insertions(+), 8 deletions(-)
> 

applied to oem-6.1, thanks

-- 
t
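
The index arithmetic behind the [Impact] text, as an added user-space model (not the kernel source and not the patch under review): a value whose length is a multiple of the register size needs no padding, so an unconditional pad store lands one word past the data. `store_value`, `NREGS`, `CANARY` and the guard shown are hypothetical names and assumptions made for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define REG32_SIZE 4u          /* register size in bytes, per the [Impact] text */
#define NREGS      4u          /* constructed: words in the modeled register window */
#define CANARY     0xA5A5A5A5u /* constructed: stands in for adjacent stack data */

/*
 * Model of storing a len-byte value into 32-bit registers and zero-padding
 * the final, partially filled register. mem[0..NREGS-1] is the register
 * window; mem[NREGS] is a canary word just past it, so the stray store stays
 * inside this array and the demo itself has no undefined behaviour.
 * guarded == 0: pad unconditionally (the flawed pattern).
 * guarded != 0: pad only when len is not a multiple of the register size.
 * Returns 1 if the canary survived, 0 if it was overwritten, -1 on bad len.
 */
static int store_value(const uint8_t *src, size_t len, int guarded)
{
    uint32_t mem[NREGS + 1];

    if (len == 0 || len > NREGS * REG32_SIZE)
        return -1;
    memset(mem, 0xff, sizeof(mem));
    mem[NREGS] = CANARY;

    if (!guarded || (len % REG32_SIZE) != 0)
        mem[len / REG32_SIZE] = 0;   /* one past the data when len % 4 == 0 */
    memcpy(mem, src, len);

    return mem[NREGS] == CANARY;
}

int main(void)
{
    uint8_t data[NREGS * REG32_SIZE];

    memset(data, 0x41, sizeof(data));   /* constructed sample payload */
    /* len 16 fills the window exactly: only the guarded store keeps the canary. */
    return !(store_value(data, 16, 0) == 0 && store_value(data, 16, 1) == 1);
}
```

Lengths that are not a multiple of 4 (for example 14) leave the canary intact in both modes, which is why a boot test alone would not exercise the faulty path.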



