[SRU][J][PATCH 0/1] CVE-2022-0995 followup
Cengiz Can
cengiz.can at canonical.com
Thu Feb 13 14:04:34 UTC 2025
[ Impact ]
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s
watch_queue event notification subsystem. This flaw can overwrite parts of
the kernel state, potentially allowing a local user to gain privileged
access or cause a denial of service on the system.
Followup reason: One of the improvement patches was missing from Jammy.
Although it looks like an unrelated patch, it's still relevant to the
CVE fix.
[ Test Plan ]
Compile and boot tested.
[ Where problems could occur ]
Watch queues are used to send notifications between userspace and kernel.
Users might encounter corrupt kernel notifications.
Christophe JAILLET (1):
watch_queue: Use the bitmap API when applicable
kernel/watch_queue.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list