ACK: [SRU][M/J/F][PATCH v3 0/1] CVE-2023-52600
Stefan Bader
stefan.bader at canonical.com
Mon Mar 25 13:26:40 UTC 2024
On 22.03.24 18:10, Bethany Jamison wrote:
> [Impact]
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> jfs: fix uaf in jfs_evict_inode
>
> When the execution of diMount(ipimap) fails, the object ipimap that has
> been
> released may be accessed in diFreeSpecial(). Asynchronous ipimap release
> occurs
> when rcu_core() calls jfs_free_node().
>
> Therefore, when diMount(ipimap) fails, sbi->ipimap should not be
> initialized as
> ipimap.
>
> [Fix]
>
> Mantic: Clean cherry-pick
> Jammy: Mantic patch applied cleanly
> Focal: Mantic patch applied cleanly
> Bionic: sent to esm ML
> Xenial: sent to esm ML
> Trusty: not going to be fixed by us
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This affects jfs, issues could occur when initializing the
> inode map to keep track of files and directories within the
> filesystem.
>
> v2: edited Fix section
>
> v3: added version number, forgot to version for v2 resubmission
>
> Edward Adam Davis (1):
> jfs: fix uaf in jfs_evict_inode
>
> fs/jfs/jfs_mount.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240325/17e06f48/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240325/17e06f48/attachment-0001.sig>
More information about the kernel-team
mailing list