[SRU jammy/linux-azure 0/1] CVE-2023-5345
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Jan 5 11:19:57 UTC 2024
This affects linux-azure because of extra cifs patches backported to it.
[Impact]
An unprivileged user using mount namespaces and fsopen/fsconfig may cause a
use-after-free, potentially leading to local privilege escalation.
[Test Case]
A PoC that triggered an oops was tested.
[Potential regressions]
Users could fail to mount cifs.
Quang Le (1):
fs/smb/client: Reset password pointer to NULL
fs/cifs/fs_context.c | 1 +
1 file changed, 1 insertion(+)
--
2.34.1
More information about the kernel-team
mailing list