[SRU][F/J/L][PATCH 0/1] CVE-2023-3772
Yuxuan Luo
yuxuan.luo at canonical.com
Thu Sep 7 21:56:51 UTC 2023
On 9/7/23 03:48, Stefan Bader wrote:
> On 07.09.23 00:30, Yuxuan Luo wrote:
>> [Impact]
>> A flaw was found in the Linux kernel’s IP framework for transforming
>> packets (XFRM subsystem). This issue may allow a malicious user with
>> CAP_NET_ADMIN privileges to directly dereference a NULL pointer in
>> xfrm_update_ae_params(), leading to a possible kernel crash and
>> denial of service.
>>
>> [Backport]
>> Clean cherry picks.
>> There are two .patch files because the one for Jammy and Lunar cannot be
>> applied clean on Focal using 'git am'.
>
> If it is only minor context, "git am -C2" *sometimes* works.
From your perspective, would you prefer separate .patch files or a single file
with a note "this is a clean cherry pick for xxx releases"?
>
>>
>> [Test]
>> Compile and boot tested.
>>
>> [Potential Regression]
>> Expect minimal regression.
>>
>> Lin Ma (1):
>> xfrm: add NULL check in xfrm_update_ae_params
>>
>> net/xfrm/xfrm_user.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>
> Acked-by: Stefan Bader <stefan.bader at canonical.com>