[SRU][F/J/OEM-5.17][PATCH 0/1] CVE-2022-28893
Cengiz Can
cengiz.can at canonical.com
Fri Jul 1 02:16:18 UTC 2022
[Impact]
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call
xs_xprt_free before ensuring that sockets are in the intended state.
Issue was introduced with 5.1 and fixed with 5.18.
[Fix]
Fixing commit exports `__fput_sync` symbol for non-GPL and GPL users
with `EXPORT_SYMBOL(..)`. However we already have exported the same
symbol with `EXPORT_SYMBOL_GPL(..)` with a SAUCE patch. After
discussion, we decided to keep that export as GPL-only and ignore the
wider exports of fixing commit.
[Test]
Compile and boot tested on focal, jammy and kinetic (oem-5.17).
[Potential Regression]
It's hard to guess since the exact flow is not shared by author. However
unlikely to cause major issues since sunrpc is only used by NFS, KNFSD
and some other small parts.
Meena Shanmugam (1):
SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
net/sunrpc/xprt.c | 5 +----
net/sunrpc/xprtsock.c | 16 +++++++++++++---
2 files changed, 14 insertions(+), 7 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list