ACK: [SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-32269
Roxana Nicolescu
roxana.nicolescu at canonical.com
Thu Aug 3 11:32:28 UTC 2023
On 31/07/2023 22:25, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> It was discovered that the NET/ROM protocol implementation in the Linux
> kernel contained a race condition in some situations, leading to a use-
> after-free vulnerability. A local attacker could use this to cause a denial
> of service (system crash) or possibly execute arbitrary code.
>
> [Potential regression]
> NET/ROM users may notice regressions, specially if trying to listen to
> reused sockets.
>
> Hyunwoo Kim (1):
> netrom: Fix use-after-free caused by accept on already connected
> socket
>
> net/netrom/af_netrom.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu at canonical.com>
More information about the kernel-team
mailing list