[SRU][M/J/F][PATCH 0/1] CVE-2023-52600
Bethany Jamison
bethany.jamison at canonical.com
Fri Mar 22 16:40:21 UTC 2024
[Impact]
In the Linux kernel, the following vulnerability has been resolved:
jfs: fix uaf in jfs_evict_inode
When the execution of diMount(ipimap) fails, the object ipimap that has
been
released may be accessed in diFreeSpecial(). Asynchronous ipimap release
occurs
when rcu_core() calls jfs_free_node().
Therefore, when diMount(ipimap) fails, sbi->ipimap should not be
initialized as
ipimap.
[Fix]
Mantic: Clean cherry-pick
Jammy: Mantic patch applied cleanly
Focal: Mantic patch applied cleanly
Bionic: Mantic patch applied cleanly - sent to esm ML
Xenial: Fix and prereq commit cherry-picked cleanly - sent to esm ML
Trusty: not going to be fixed by us
[Test Case]
Compile and boot tested.
[Where problems could occur]
This affects jfs, issues could occur when initializing the
inode map to keep track of files and directories within the
filesystem.
Edward Adam Davis (1):
jfs: fix uaf in jfs_evict_inode
fs/jfs/jfs_mount.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list