ACK: [SRU][N][PATCH 0/1] CVE-2024-56672
Koichiro Den
koichiro.den at canonical.com
Tue Feb 11 11:44:30 UTC 2025
On Mon, Feb 10, 2025 at 02:37:14PM GMT, Massimiliano Pellizzer wrote:
> [Impact]
>
> blk-cgroup: Fix UAF in blkcg_unpin_online()
>
> blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To
> walk up, it uses blkcg_parent(blkcg) but it was calling that after
> blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to a UAF.
>
> Fix it by reading the parent pointer before destroying the blkcg's blkg's.
>
> [Fix]
>
> Oracular: Fixed via upstream stable updates (LP: #2097332)
> Noble: Cherry picked from mainline
> Jammy: Fixed via upstream stable updates (LP: #2097298)
> Focal: Not affected
>
> [Test case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> A regression here is unlikely due to the very limited scope of the
> patch.
>
> Tejun Heo (1):
> blk-cgroup: Fix UAF in blkcg_unpin_online()
>
> block/blk-cgroup.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
Acked-by: Koichiro Den <koichiro.den at canonical.com>
More information about the kernel-team
mailing list