[SRU][Lunar/Mantic][PATCH 0/1] CVE-2023-6531
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Jan 3 22:09:39 UTC 2024
[Impact]
Allowing io_uring to send file descriptors over UNIX domain sockets
leads to potential circular referencing which is error-prone for garbage
collectors and has caused lots of problems. The upstream has decided to
disble this feature before it creates more trouble.
[Backport]
It is a clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Although it certainly breaks existing users, the discussion in the
mailing list believes "it's very low risk"[1].
^[1]: https://lore.kernel.org/all/6d2d5231-4729-4783-bcc8-0d11396e30fb@kernel.dk/
Pavel Begunkov (1):
io_uring/af_unix: disable sending io_uring over sockets
io_uring/rsrc.h | 7 -------
net/core/scm.c | 6 ++++++
2 files changed, 6 insertions(+), 7 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list