Cmnt: [SRU][Lunar][PATCH 0/4] CVE-2023-39191

Yuxuan Luo yuxuan.luo at canonical.com
Mon Jan 29 17:10:59 UTC 2024


On 1/26/24 17:44, Bethany Jamison wrote:
> [Impact]
>
> An improper input validation flaw was found in the eBPF subsystem in the
> Linux kernel. The issue occurs due to a lack of proper validation of
> dynamic pointers within user-supplied eBPF programs prior to executing
> them. This may allow an attacker with CAP_BPF privileges to escalate
> privileges and execute arbitrary code in the context of the kernel.
>
> [Fix]
>
> Clean cherry-picks. 3 fix commits were skipped because they were already
> applied upstream.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Regression Potential]
>
> Issues could occur when using bpf dynamic pointers.
>
> Kumar Kartikeya Dwivedi (4):
>    bpf: Invalidate slices on destruction of dynptrs on stack
>    bpf: Allow reinitializing unreferenced dynptr stack slots
>    bpf: Combine dynptr_get_spi and is_spi_bounds_valid
>    bpf: Avoid recomputing spi in process_dynptr_func
>
>   include/linux/bpf_verifier.h                  |   5 +-
>   kernel/bpf/verifier.c                         | 201 +++++++++++-------
>   .../testing/selftests/bpf/progs/dynptr_fail.c |   4 +-
>   3 files changed, 135 insertions(+), 75 deletions(-)
Lunar is EOL. Does it affect Jammy-OEM-6.1? If so, would you mind adding 
[OEM-6.1] in the subject line?



