APPLIED: [SRU][F/J/L linux][PATCH 0/1] CVE-2023-34319
Roxana Nicolescu
roxana.nicolescu at canonical.com
Fri Sep 29 07:37:26 UTC 2023
On 26/09/2023 00:07, Yuxuan Luo wrote:
> [Impact]
> Ross Lagerwall discovered that the Xen netback backend driver in the
> Linux kernel did not properly handle certain unusual packets from a
> paravirtualized network frontend, leading to a buffer overflow. An
> attacker in a guest VM could use this to cause a denial of service (host
> system crash) or possibly execute arbitrary code.
>
> [Backport]
> All clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Expect low regresssion potential since it has already been backported in
> the same way to multiple stable branches.
>
> Ross Lagerwall (1):
> xen/netback: Fix buffer overrun triggered by unusual packet
>
> drivers/net/xen-netback/netback.c | 15 ++++++++++-----
> 1 file changed, 10 insertions(+), 5 deletions(-)
>
Applied to focal,jammy,lunar:master-next. Thanks!
Roxana
More information about the kernel-team
mailing list