ACK/Cmt: [SRU][F][PATCH 0/1] CVE-2024-42068
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Fri Oct 11 09:32:11 UTC 2024
On Fri, 11 Oct 2024 at 10:09, Guoqing Jiang <guoqing.jiang at canonical.com> wrote:
>
> On 10/10/24 19:14, Massimiliano Pellizzer wrote:
> > [Impact]
> >
> > bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()
> >
> > set_memory_ro() can fail, leaving memory unprotected.
> > Check its return and take it into account as an error.
> >
> > [Fix]
> >
> > Noble: Fixed
> > Jammy: Fixed
> > Focal: Backported from linux-6.9.y
>
> Looks like commit a359696856ca was merged into v5.15.162, not sure if it can
> be cleanly applied on Focal.
>
> Acked-by: Guoqing Jiang <guoqing.jiang at canonical.com>
>
> Thanks,
> Guoqing
>
Commit a359696856ca cannot be cherry-picked cleanly either, because of
the same problem that the patch for linux-6.9.y has: the for loops in
kernel/bpf/verifier.c start with different values.
Thanks for reviewing.
> > Bionic: Sent to ESM ML
> > Xenial: Sent to ESM ML
> >
> > [Test Case]
> >
> > Compile and boot tested.
> >
> > [Where problems could occur]
> >
> > The fix affects the eBPF subsystem, particularly memory protection in
> > BPF programs. An issue with this fix may lead to kernel crashes during
> > memory operations, especially when using eBPF-based tools. Users could
> > also experience application crashes or failures in eBPF-dependent
> > applications.
> >
> > Christophe Leroy (1):
> > bpf: Take return from set_memory_ro() into account with
> > bpf_prog_lock_ro()
> >
> > include/linux/filter.h | 5 +++--
> > kernel/bpf/core.c | 4 +++-
> > kernel/bpf/verifier.c | 8 ++++++--
> > 3 files changed, 12 insertions(+), 5 deletions(-)
> >
>
--
Massimiliano Pellizzer
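
A userspace analogue of the pattern the [Impact] text describes, added here as an illustration; it is not the kernel patch or code from this thread. mprotect() stands in for set_memory_ro(), and struct prog, prog_lock_ro_unchecked(), prog_lock_ro() and prog_load() are hypothetical names.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical stand-in for a program image; not a kernel structure. */
struct prog { void *image; size_t len; int locked; };

/* "Before" shape: a failed protection change is silently dropped. */
static void prog_lock_ro_unchecked(struct prog *p)
{
    (void)mprotect(p->image, p->len, PROT_READ);
    p->locked = 1; /* assumed, never verified */
}

/* "After" shape: the error is returned so the caller can abort the load. */
static int prog_lock_ro(struct prog *p)
{
    if (mprotect(p->image, p->len, PROT_READ) != 0)
        return -errno;
    p->locked = 1;
    return 0;
}

/* Map one page, lock it, report the result. misalign=1 offsets the address
 * so mprotect() fails with EINVAL (a constructed failure for this demo). */
static int prog_load(int misalign, int checked, int *believed_locked)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    char *m = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED)
        return -errno;
    struct prog p = { m + (misalign ? 1 : 0), pg, 0 };
    int err = 0;
    if (checked)
        err = prog_lock_ro(&p);
    else
        prog_lock_ro_unchecked(&p);
    *believed_locked = p.locked;
    munmap(m, pg);
    return err;
}

int main(void)
{
    int b;
    return prog_load(1, 1, &b) == -EINVAL ? 0 : 1;
}
```

With the unchecked variant the forced failure still reports success and a locked image, which is the state the fix turns into an error.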