APPLIED: [SRU][J][PATCH 0/1] CVE-2022-0995 followup
Koichiro Den
koichiro.den at canonical.com
Fri Feb 21 02:57:31 UTC 2025
On Thu, Feb 13, 2025 at 05:04:34PM GMT, Cengiz Can wrote:
> [ Impact ]
>
> An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s
> watch_queue event notification subsystem. This flaw can overwrite parts of
> the kernel state, potentially allowing a local user to gain privileged
> access or cause a denial of service on the system.
>
> Followup reason: One of the improvement patches was missing from Jammy.
> Although it looks like an unrelated patch, it's still relevant to the
> CVE fix.
>
> [ Test Plan ]
>
> Compile and boot tested.
>
> [ Where problems could occur ]
>
> Watch queues are used to send notifications between userspace and kernel.
> Users might encounter corrupt kernel notifications.
>
> Christophe JAILLET (1):
> watch_queue: Use the bitmap API when applicable
>
> kernel/watch_queue.c | 7 ++-----
> 1 file changed, 2 insertions(+), 5 deletions(-)
>
Applied to jammy:linux master-next branch. Thanks!
More information about the kernel-team
mailing list