ACK: [SRU][M/J/F][PATCH v3 0/1] CVE-2023-52600

Manuel Diewald manuel.diewald at canonical.com
Tue Mar 26 09:05:04 UTC 2024


On Fri, Mar 22, 2024 at 12:10:37PM -0500, Bethany Jamison wrote:
> [Impact]
> 
>  In the Linux kernel, the following vulnerability has been resolved:
> 
>  jfs: fix uaf in jfs_evict_inode
> 
>  When the execution of diMount(ipimap) fails, the object ipimap that has
>  been
>  released may be accessed in diFreeSpecial(). Asynchronous ipimap release
>  occurs
>  when rcu_core() calls jfs_free_node().
> 
>  Therefore, when diMount(ipimap) fails, sbi->ipimap should not be
>  initialized as
>  ipimap.
> 
> [Fix]
> 
> Mantic: Clean cherry-pick
> Jammy: Mantic patch applied cleanly
> Focal: Mantic patch applied cleanly
> Bionic: sent to esm ML
> Xenial: sent to esm ML
> Trusty: not going to be fixed by us
> 
> [Test Case]
> 
> Compile and boot tested.
> 
> [Where problems could occur]
> 
> This affects jfs, issues could occur when initializing the
> inode map to keep track of files and directories within the 
> filesystem.
> 
> v2: edited Fix section
> 
> v3: added version number, forgot to version for v2 resubmission
> 
> Edward Adam Davis (1):
>   jfs: fix uaf in jfs_evict_inode
> 
>  fs/jfs/jfs_mount.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> -- 
> 2.34.1
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Acked-by: Manuel Diewald <manuel.diewald at canonical.com>

-- 
 Manuel



More information about the kernel-team mailing list