[SRU][F/J/OEM-5.17][PATCH 0/1] CVE-2022-28893

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Fri Jul 1 09:23:03 UTC 2022


On Fri, Jul 01, 2022 at 05:16:18AM +0300, Cengiz Can wrote:
> [Impact]
> The SUNRPC subsystem in the Linux kernel through 5.17.2 can call 
> xs_xprt_free before ensuring that sockets are in the intended state.
> 
> The issue was introduced with 5.1 and fixed with 5.18.
> 
> [Fix]
> The fixing commit exports the `__fput_sync` symbol for non-GPL and GPL
> users with `EXPORT_SYMBOL(..)`. However, we have already exported the
> same symbol with `EXPORT_SYMBOL_GPL(..)` with a SAUCE patch. After
> discussion, we decided to keep that export as GPL-only and ignore the
> wider exports of the fixing commit.
> 
> [Test]
> Compile and boot tested on focal, jammy and kinetic (oem-5.17).
> 
> [Potential Regression]
> It's hard to guess since the exact flow is not shared by the author.
> However, it is unlikely to cause major issues since sunrpc is only used
> by NFS, KNFSD and some other small parts.
> 
> Meena Shanmugam (1):
>   SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
> 
>  net/sunrpc/xprt.c     |  5 +----
>  net/sunrpc/xprtsock.c | 16 +++++++++++++---
>  2 files changed, 14 insertions(+), 7 deletions(-)
> 
> -- 
> 2.34.1
> 

What about commit aad41a7d7cf6c6fa804c872a2480f8e541da37cf ("SUNRPC: Don't leak
sockets in xs_local_connect()")?

It has
  Fixes: f00432063db1 ("SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()")

Cascardo.
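
The check raised in the reply above (does a later upstream commit carry a `Fixes:` trailer naming the commit being backported?) can be scripted; this is an added example, not part of the thread or of any kernel-team tooling. It assumes log text produced by `git log --format='%H%x00%s%x00%b%x1e'`; the first sample record uses the two commit ids quoted in the reply, the second record is constructed, and the search also follows fixes of fixes.

```python
import re

# Kernel-style trailer:  Fixes: <abbreviated sha> ("subject")
FIXES_RE = re.compile(r'^[ \t]*Fixes:[ \t]*([0-9a-f]{7,40})\b', re.I | re.M)

def parse_log(text):
    """Split `git log --format='%H%x00%s%x00%b%x1e'` output into (sha, subject, body)."""
    commits = []
    for rec in text.split('\x1e'):
        rec = rec.strip('\n')
        if rec:
            sha, subject, body = rec.split('\x00', 2)
            commits.append((sha, subject, body))
    return commits

def same_commit(a, b):
    """Abbreviated and full ids match when one is a prefix of the other."""
    a, b = a.lower(), b.lower()
    return a.startswith(b) or b.startswith(a)

def follow_up_fixes(commits, backported):
    """Return (sha, subject) of commits that fix anything in `backported`,
    including fixes of those fixes, skipping commits already backported."""
    known = [b.lower() for b in backported]
    found = []
    progress = True
    while progress:
        progress = False
        for sha, subject, body in commits:
            if any(same_commit(sha, k) for k in known):
                continue  # already applied, or already reported
            refs = FIXES_RE.findall(body)
            if any(same_commit(r, k) for r in refs for k in known):
                found.append((sha, subject))
                known.append(sha.lower())
                progress = True
    return found

# Sample input. Record 1 uses the ids from the message; record 2 is constructed.
SAMPLE_LOG = (
    "aad41a7d7cf6c6fa804c872a2480f8e541da37cf\x00"
    "SUNRPC: Don't leak sockets in xs_local_connect()\x00"
    'Fixes: f00432063db1 ("SUNRPC: Ensure we flush any closed sockets '
    'before xs_xprt_free()")\n\x1e\n'
    "1111111111111111111111111111111111111111\x00"
    "example: unrelated change (constructed)\x00"
    'Fixes: 222222222222 ("example: something else")\n\x1e\n'
)

if __name__ == "__main__":
    for sha, subject in follow_up_fixes(parse_log(SAMPLE_LOG), ["f00432063db1"]):
        print(sha[:12], subject)
```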


