[SRU][F/J/L][PATCH 0/1] CVE-2023-3772
Stefan Bader
stefan.bader at canonical.com
Mon Sep 11 09:33:34 UTC 2023
On 07.09.23 23:56, Yuxuan Luo wrote:
>
> On 9/7/23 03:48, Stefan Bader wrote:
>> On 07.09.23 00:30, Yuxuan Luo wrote:
>>> [Impact]
>>> A flaw was found in the Linux kernel’s IP framework for transforming
>>> packets (XFRM subsystem). This issue may allow a malicious user with
>>> CAP_NET_ADMIN privileges to directly dereference a NULL pointer in
>>> xfrm_update_ae_params(), leading to a possible kernel crash and
>>> denial of
>>> service.
>>>
>>> [Backport]
>>> Clean cherry picks.
>>> There are two .patch files because the one for Jammy and Lunar cannot be
>>> applied clean on Focal using 'git am'.
>>
>> If it is only minor context, "git am -C2" *sometimes* works.
>
> From your perspective, would you prefer separate .patch files or a
> single file
>
> with a note "this is a clean cherry pick for xxx releases"?
A single file with note (that it might need reduced context for some
series) as this is only one item to look at.
>
>>
>>>
>>> [Test]
>>> Compile and boot tested.
>>>
>>> [Potential Regression]
>>> Expect minial regression.
>>>
>>> Lin Ma (1):
>>> xfrm: add NULL check in xfrm_update_ae_params
>>>
>>> net/xfrm/xfrm_user.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>
>> Acked-by: Stefan Bader <stefan.bader at canonical.com>
--
- Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230911/410e6879/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230911/410e6879/attachment-0001.sig>
More information about the kernel-team
mailing list