[SRU][N][PATCH 0/1] CVE-2024-42284
Koichiro Den
koichiro.den at canonical.com
Wed Sep 18 05:06:11 UTC 2024
[Impact]
tipc: Return non-zero value from tipc_udp_addr2str() on error
tipc_udp_addr2str() should return non-zero value if the UDP media
address is invalid. Otherwise, a buffer overflow access can occur in
tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP
media address.
[Fix]
Noble: Clean cherry-pick
Jammy: fixed via stable
Focal: fixed via stable
Bionic: fix sent to esm ML
Xenial: fix sent to esm ML
Trusty: not affected
[Test case]
Compile and boot tested
[Where problem could occur]
This fix affects those who use TIPC protocol, an issue with this fix
would be visible to the user via unpredicted system behavior due to
potential OOB read, or in a less severe case broken messages shown on
kernel ring buffer and/or trace buffer.
Shigeru Yoshida (1):
tipc: Return non-zero value from tipc_udp_addr2str() on error
net/tipc/udp_media.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--
2.43.0
More information about the kernel-team
mailing list