APPLIED Re: [SRU][OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-23455
Timo Aaltonen
tjaalton at ubuntu.com
Tue Apr 18 08:01:15 UTC 2023
Yuxuan Luo kirjoitti 5.4.2023 klo 22.53:
> [Impact]
> Kyle Zeng discovered that the ATM VC queuing discipline implementation in
> the Linux kernel contained a type confusion vulnerability in some
> situations. An attacker could use this to cause a denial of service (system
> crash).
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Compile and smoke tested by modprobe/rmmod sch_net.
>
> [Potential Regression]
> Very low, since this fix only add an exception to a condition checking.
>
> Jamal Hadi Salim (1):
> net: sched: atm: dont intepret cls results when asked to drop
>
> net/sched/sch_atm.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
applied to oem-5.17 & -6.0, thanks.
--
t
More information about the kernel-team
mailing list