APPLIED: [SRU Kinetic 0/1] CVE-2022-47929
Stefan Bader
stefan.bader at canonical.com
Tue Mar 14 09:08:09 UTC 2023
On 09.03.23 12:34, Cengiz Can wrote:
> [Impact]
> In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic
> control subsystem allows an unprivileged user to trigger a denial of service
> (system crash) via a crafted traffic control configuration that is set up with
> "tc qdisc" and "tc class" commands. This affects qdisc_graft in
> net/sched/sch_api.c.
>
> [Fix]
> Clean cherry pick froom upstream.
>
> [Test case]
> Compile, boot and PoC tested under KVM.
>
> [Potential regression]
> Low.
>
> Frederick Lawler (1):
> net: sched: disallow noqueue for qdisc classes
>
> net/sched/sch_api.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> --
> 2.37.2
>
>
Applied to kinetic:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230314/33b761db/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230314/33b761db/attachment-0001.sig>
More information about the kernel-team
mailing list