APPLIED [OEM-5.17/OEM-6.0]: [SRU][Focal-OEM-5.14/Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-1074
Manuel Diewald
manuel.diewald at canonical.com
Tue Apr 4 07:58:11 UTC 2023
On Fri, Mar 17, 2023 at 02:40:11PM -0400, Yuxuan Luo wrote:
> [Impact]
> It is reported that a type confused pointer is used in SCTP implementation to
> return information to the user space, leading to KASLR leak.
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Tested against lksctp_tools' func_test in both IPv4 and IPv6.
>
> [Potential Regression]
> Expecting very low potential of regression as the func_test mentioned above
> could serve as a regression test.
>
> Marcelo Ricardo Leitner (1):
> sctp: fail if no bound addresses can be used for a given scope
>
> net/sctp/bind_addr.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Applied to jammy:linux-oem-5.17 and jammy:linux-oem-6.0. Thank you!
More information about the kernel-team
mailing list