[SRU][J][PATCH 0/1] CVE-2023-52621
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Tue Sep 24 15:29:11 UTC 2024
[Impact]
bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
The three bpf_map_{lookup,update,delete}_elem() helper functions are also
available for sleepable bpf programs, the patch adds the corresponding lock
assertion for sleepable bpf programs.
[Fix]
Noble: Fixed
Jammy: Backported the fix commit from linux-6.1.y
Focal: Not affected
Bionic: Not affected
Xenial: Not affected
[Test Case]
Compile tested.
[Where problems could occur]
The fix for CVE-2023-52621 affetcs the BPF subsystem, in particular the
handling of BPF map operations in sleepable BPF programs. A bug in the
patch could lead to kernel warnings or crashes when using BPF maps,
especially when BPF JIT is disabled.
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
kernel/bpf/helpers.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list