APPLIED: [SRU][M/J/F][PATCH v3 0/1] CVE-2023-52600

Stefan Bader stefan.bader at canonical.com
Wed Mar 27 10:44:23 UTC 2024


On 22.03.24 18:10, Bethany Jamison wrote:
> [Impact]
> 
>   In the Linux kernel, the following vulnerability has been resolved:
> 
>   jfs: fix uaf in jfs_evict_inode
> 
>   When the execution of diMount(ipimap) fails, the object ipimap that has
>   been
>   released may be accessed in diFreeSpecial(). Asynchronous ipimap release
>   occurs
>   when rcu_core() calls jfs_free_node().
> 
>   Therefore, when diMount(ipimap) fails, sbi->ipimap should not be
>   initialized as
>   ipimap.
> 
> [Fix]
> 
> Mantic: Clean cherry-pick
> Jammy: Mantic patch applied cleanly
> Focal: Mantic patch applied cleanly
> Bionic: sent to esm ML
> Xenial: sent to esm ML
> Trusty: not going to be fixed by us
> 
> [Test Case]
> 
> Compile and boot tested.
> 
> [Where problems could occur]
> 
> This affects jfs, issues could occur when initializing the
> inode map to keep track of files and directories within the
> filesystem.
> 
> v2: edited Fix section
> 
> v3: added version number, forgot to version for v2 resubmission
> 
> Edward Adam Davis (1):
>    jfs: fix uaf in jfs_evict_inode
> 
>   fs/jfs/jfs_mount.c | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)
> 

Applied to mantic,jammy,focal:linux/master-next. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240327/8b0e16f1/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240327/8b0e16f1/attachment-0001.sig>


More information about the kernel-team mailing list