APPLIED [OEM-5.17/OEM-6.0/OEM-6.1] Re: [SRU][Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0, OEM-6.1][PATCH 0/1] CVE-2023-1859
Timo Aaltonen
tjaalton at ubuntu.com
Tue Apr 18 07:33:38 UTC 2023
- Previous message (by thread): ACK/Cmnt: [SRU][Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0, OEM-6.1][PATCH 0/1] CVE-2023-1859
- Next message (by thread): APPLIED [OEM-5.17/OEM-6.0/OEM-6.1] Re: [SRU][Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0, OEM-6.1][PATCH 0/1] CVE-2023-1859
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
John Cabaj kirjoitti 17.4.2023 klo 21.08:
> [Impact]
> * A use-after-free vulnerability could exist in xen/9pfs, whereupon after removal of a xen_9pfs device, an attempt to service a response could access a struct that has been freed.
> * Perform requisite clean-up upon removal so further requests cannot be serviced.
>
> [Fix]
> * Clean cherry-picks for all affected kernels
>
> [Test Case]
> * Compile tested
> * Boot tested
>
> [Potential regression]
> * Low risk. Potentially could take longer to remove xen_9pfs device as cancel waits for work to finish.
>
> Zheng Wang (1):
> 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
> condition
>
> net/9p/trans_xen.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
applied to current oem kernels, thanks
--
t
- Previous message (by thread): ACK/Cmnt: [SRU][Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0, OEM-6.1][PATCH 0/1] CVE-2023-1859
- Next message (by thread): APPLIED [OEM-5.17/OEM-6.0/OEM-6.1] Re: [SRU][Bionic, Focal, Jammy, Kinetic, OEM-5.14, OEM-5.17, OEM-6.0, OEM-6.1][PATCH 0/1] CVE-2023-1859
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the kernel-team
mailing list