[SRU][M][PATCH 0/1] CVE-2023-52880
Bethany Jamison
bethany.jamison at canonical.com
Wed Jun 5 18:54:44 UTC 2024
[Impact]
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
Any unprivileged user can attach N_GSM0710 ldisc, but it requires
CAP_NET_ADMIN to create a GSM network anyway.
Require initial namespace CAP_NET_ADMIN to do that.
[Fix]
Noble: fixed via stable
Jammy: fixed via stable
Mantic: Clean cherry-pick
Focal: not-affected
Bionic: not-affected
Xenial: not-affected
Trusty: not-affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
This fix affects those who use the GSM 0710 tty multiplexor
driver, an issue with this fix would be visible to the user
via unexpected behavior.
Thadeu Lima de Souza Cascardo (1):
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
drivers/tty/n_gsm.c | 3 +++
1 file changed, 3 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list