ACK: [SRU][F/J/L linux][PATCH 0/1] CVE-2023-34319
Tim Gardner
tim.gardner at canonical.com
Thu Sep 28 14:13:49 UTC 2023
On 9/25/23 4:07 PM, Yuxuan Luo wrote:
> [Impact]
> Ross Lagerwall discovered that the Xen netback backend driver in the
> Linux kernel did not properly handle certain unusual packets from a
> paravirtualized network frontend, leading to a buffer overflow. An
> attacker in a guest VM could use this to cause a denial of service (host
> system crash) or possibly execute arbitrary code.
>
> [Backport]
> All clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Expect low regresssion potential since it has already been backported in
> the same way to multiple stable branches.
>
> Ross Lagerwall (1):
> xen/netback: Fix buffer overrun triggered by unusual packet
>
> drivers/net/xen-netback/netback.c | 15 ++++++++++-----
> 1 file changed, 10 insertions(+), 5 deletions(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list