[SRU][Mantic][Jammy][Focal][PATCH 0/1] CVE-2023-46838
Bethany Jamison
bethany.jamison at canonical.com
Tue Feb 13 18:09:58 UTC 2024
[Impact]
Transmit requests in Xen's virtual network protocol can consist of multiple
parts. While not really useful, except for the initial part any of them may
be of zero length, i.e. carry no data at all. Besides a certain initial
portion of the to be transferred data, these parts are directly translated
into what Linux calls SKB fragments. Such converted request parts can, when
for a particular SKB they are all of length zero, lead to a de-reference of
NULL in core networking code.
[Fix]
Mantic: Clean cherry-pick.
Jammy: Mantic patch applied cleanly.
Focal: Mantic patch applied cleanly.
[Test Case]
Compile and boot tested.
[Regression Potential]
Issues could occur when sending data through Xen's networking especially
when any of those segments are zeroed.
Jan Beulich (1):
xen-netback: don't produce zero-size SKB frags
drivers/net/xen-netback/netback.c | 44 ++++++++++++++++++++++++++-----
1 file changed, 38 insertions(+), 6 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list