ACK: [SRU][N][PATCH 0/1] CVE-2025-22088
Edoardo Canepa
edoardo.canepa at canonical.com
Wed Jun 11 09:26:13 UTC 2025
On 04/06/25 17:02, Massimiliano Pellizzer wrote:
> https://ubuntu.com/security/CVE-2025-22088
>
> [ Impact ]
>
> RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
>
> After the erdma_cep_put(new_cep) being called, new_cep will be freed,
> and the following dereference will cause a UAF problem. Fix this issue.
>
> [ Fix ]
>
> Plucky: Fixed via upstream stable updates
> Oracular: Fixed via upstream stable updates
> Noble: Clean cherry pick from mainline
> Jammy: Not affected
>
> [ Test Plan ]
>
> Compile tested only.
>
> [ Where Problems Could Occur ]
>
> A regression here is unlikely due to the very limited scope
> of the patch.
>
>
Acked-by: Edoardo Canepa <edoardo.canepa at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x20F88172E14F6784.asc
Type: application/pgp-keys
Size: 3167 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250611/23bedfbe/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250611/23bedfbe/attachment.sig>
More information about the kernel-team
mailing list