Message ID | 1551798931-28747-1-git-send-email-tyhicks@canonical.com |
---|---|
Headers | show |
Series | CVE-2019-9003 - IPMI use-after-free | expand |
On 3/5/19 4:15 PM, Tyler Hicks wrote: > https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9003.html > > In the Linux kernel before 4.20.5, attackers can trigger a > drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging > for certain simultaneous execution of the code, as demonstrated by a > "service ipmievd restart" loop. > > Clean cherry pick. Build logs are clean. Smoke tested by booting the Cosmic > kernel and loading the ipmi_msghandler module. > > Tyler > > Yang Yingliang (1): > ipmi: fix use-after-free of user->release_barrier.rda > > drivers/char/ipmi/ipmi_msghandler.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Applied to cosmic/master-next branch. Thanks, Kleber