APPLIED [OEM-6.1] Re: [SRU Focal,Jammy,OEM-6.1,Lunar,Mantic 0/3] CVE-2023-6931
Timo Aaltonen
tjaalton at ubuntu.com
Mon Jan 8 13:47:35 UTC 2024
Thadeu Lima de Souza Cascardo kirjoitti 3.1.2024 klo 21.04:
> [Impact]
> An out-of-bounds write is possible when using perf events. On systems where
> unprivileged users have access to perf (perf_event_paranoid <= 3 on 5.4 and
> later), this could allow privilege escalation.
>
> [Backport]
> On Jammy and Focal, an extra pre-requisite was added, introducing the
> ability to read lost samples per event. Though not strictly necessary,
> that's how upstream stable did it, so this would make future changes easier.
>
> [Test case]
> A reproducer was built and tested. The system no longer crashes after
> these changes.
>
> [Potential regression]
> perf users may regress or new vulnerabilities might be possible.
>
> Mark Rutland (1):
> perf: Fix perf_event_validate_size() lockdep splat
>
> Peter Zijlstra (1):
> perf: Fix perf_event_validate_size()
>
> kernel/events/core.c | 69 ++++++++++++++++++++++++++++++--------------
> 1 file changed, 47 insertions(+), 22 deletions(-)
>
applied to oem-6.1-prep, thanks
--
t
More information about the kernel-team
mailing list