ACK: [SRU][F][PATCH 0/1] CVE-2024-38662
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Nov 20 19:04:11 UTC 2024
On Thu, Nov 14, 2024 at 10:38:05PM +0100, Massimiliano Pellizzer wrote:
Acked-by: Yuxuan Luo <yuxuan.luo at canonical.com>
> [Impact]
>
> bpf: Allow delete from sockmap/sockhash only if update is allowed
>
> From now on only BPF programs which were previously allowed to update
> sockmap/sockhash can delete from these map types.
>
> [Fix]
>
> Noble: Fixed via stable updates (f8457aa6c401bf)
> Jammy: Fixed via stable updates (4aaeb3bf863dc1c)
> Focal: Backported from mainline
> Bionic: Not affected
> Xenial: Not affected
>
> [Test Case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> The fix affects the BPF subsystem and in particular sockmap and sockhash
> structures. Users may see kernel warnings or experience system
> instability while performing socket operations when utilizing BPF-based
> socket management.
>
> Jakub Sitnicki (1):
> bpf: Allow delete from sockmap/sockhash only if update is allowed
>
> kernel/bpf/verifier.c | 2 --
> 1 file changed, 2 deletions(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list