[SRU][Xenial][PATCH 0/1] CVE-2023-2162
Yuxuan Luo
yuxuan.luo at canonical.com
Thu Jun 1 20:47:43 UTC 2023
[Impact]
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in
drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this
flaw an attacker could leak kernel internal information.
[Backport]
It is a clean cherry pick.
[Test]
Compile and smoke tested.
[Potential Regression]
Expecting low regression potential.
Mike Christie (1):
scsi: iscsi_tcp: Fix UAF during login when accessing the shost
ipaddress
drivers/scsi/iscsi_tcp.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list