Cmnt: APPLIED/Cmnt: [SRU][F/J/M][PATCH 0/2] CVE-2024-26624
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Mar 27 16:14:09 UTC 2024
CVE-2024-26624 has been rejected:
https://lore.kernel.org/linux-cve-announce/2024032747-REJECTED-f2cf@gregkh/
On 3/27/24 11:43, Stefan Bader wrote:
> On 27.03.24 01:18, Yuxuan Luo wrote:
>> [Impact]
>> A potential deadlock is found in the AF_UNIX subsystem, the scenario is
>> shown below:
>>
>> CPU0 CPU1
>> ---- ----
>> lock(&u->lock/1);
>> lock(rlock-AF_UNIX);
>> lock(&u->lock/1);
>> lock(rlock-AF_UNIX);
>>
>> *** DEADLOCK ***
>> Such deadlock could lead to serious denial of service and system crash.
>>
>> [Backport]
>> The fix is a clean cherry pick.
>>
>> However, the modified function has been copied to our own trees
>> (security/apparmor/af_unix.c), therefore, a sauce patch is needed to
>> synchronize the change.
>>
>> [Test]
>> Compile and boot tested.
>>
>> [Where things could go wrong]
>> The fix touches af_unix.c which means most of the use case are affected.
>> However, what this fix does is to add "an identifier" to the locks to
>> avoid potential deadlock without touching working logic; plus, this fix
>> has been backported to multiple stable trees, expect very low regression
>> potential. If such happens, it is probably a denial of service.
>>
>> Eric Dumazet (1):
>> af_unix: fix lockdep positive in sk_diag_dump_icons()
>>
>> Yuxuan Luo (1):
>> UBUNTU: SAUCE: af_unix: fix lockdep positive in sk_diag_dump_icons()
>>
>> include/net/af_unix.h | 20 ++++++++++++++------
>> net/unix/af_unix.c | 14 ++++++--------
>> net/unix/diag.c | 2 +-
>> security/apparmor/af_unix.c | 12 +++++-------
>> 4 files changed, 26 insertions(+), 22 deletions(-)
>>
> As stated in Manuel's reply this already was applied to Jammy and
> Focal. I applied the modified commit message of #2 to Mantic and
> reworded the respective change in Jammy and Focal accordingly. Also
> added the CVE number there. And also to patch #1 in Mantic.
>
> Applied to mantic,jammy,focal:linux/master-next. Thanks.
>
> -Stefan
>
More information about the kernel-team
mailing list