ACK: [SRU][M][PATCH 0/1] CVE-2023-52880
Thibault Ferrante
thibault.ferrante at canonical.com
Wed Jun 5 19:03:47 UTC 2024
On 05-06-2024 20:54, Bethany Jamison wrote:
> [Impact]
>
> tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
>
> Any unprivileged user can attach N_GSM0710 ldisc, but it requires
> CAP_NET_ADMIN to create a GSM network anyway.
>
> Require initial namespace CAP_NET_ADMIN to do that.
>
> [Fix]
>
> Noble: fixed via stable
> Jammy: fixed via stable
> Mantic: Clean cherry-pick
> Focal: not-affected
> Bionic: not-affected
> Xenial: not-affected
> Trusty: not-affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use the GSM 0710 tty multiplexor
> driver, an issue with this fix would be visible to the user
> via unexpected behavior.
>
> Thadeu Lima de Souza Cascardo (1):
> tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
>
> drivers/tty/n_gsm.c | 3 +++
> 1 file changed, 3 insertions(+)
>
Acked-by: Thibault Ferrante <thibault.ferrante at canonical.com>
--
Thibault
More information about the kernel-team
mailing list