[SRU][F/J/M][PATCH 0/1] CVE-2024-0646
Magali Lemes
magali.lemes at canonical.com
Mon Jan 29 21:30:21 UTC 2024
[Impact]
An out-of-bounds memory write flaw was found in the Linux kernel's Transport
Layer Security functionality in how a user calls a function splice with a ktls
socket as the destination. This flaw allows a local user to crash or
potentially escalate their privileges on the system.
[Backport]
Clean cherry-pick.
[Test]
Compile and boot tested.
[Potential Regression]
This affects TLS.
John Fastabend (1):
net: tls, update curr on splice as well
net/tls/tls_sw.c | 2 ++
1 file changed, 2 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list