Message ID | 20230510220917.48584-1-yuxuan.luo@canonical.com |
---|---|
Headers | show |
Series | CVE-2022-31436 | expand |
On 5/10/23 5:09 PM, Yuxuan Luo wrote: > [Impact] > When the MTU of the loopback device feeds a large number, net/sched/sch_qfq.c > allows a out-of-bounds read/write error, detriment system's integrity. > > [Backport] > It is a clean cherry pick for all affected releases. > > [Test] > Compile and smoke tested via modprobe and rmmod the sch_fq module. > > [Potential Regression] > Expecting little regression potential since the patch only adds an additional > layer of checking without manipulating the memory. > > Gwangun Jung (1): > net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg > > net/sched/sch_qfq.c | 13 +++++++------ > 1 file changed, 7 insertions(+), 6 deletions(-) >Acked-by: Jacob Martin <jacob.martin@canonical.com>
Sorry, a combination of Thunderbird and myself messed up the formatting on my last ACK. Acked-by: Jacob Martin <jacob.martin@canonical.com> On Wed, May 10, 2023 at 06:09:16PM -0400, Yuxuan Luo wrote: > [Impact] > When the MTU of the loopback device feeds a large number, net/sched/sch_qfq.c > allows a out-of-bounds read/write error, detriment system's integrity. > > [Backport] > It is a clean cherry pick for all affected releases. > > [Test] > Compile and smoke tested via modprobe and rmmod the sch_fq module. > > [Potential Regression] > Expecting little regression potential since the patch only adds an additional > layer of checking without manipulating the memory. > > Gwangun Jung (1): > net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg > > net/sched/sch_qfq.c | 13 +++++++------ > 1 file changed, 7 insertions(+), 6 deletions(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Applied to focal,jammy,kinetic,lunar linux master-next Thanks, - Luke On Thu, May 11, 2023 at 12:09 AM Yuxuan Luo <yuxuan.luo@canonical.com> wrote: > [Impact] > When the MTU of the loopback device feeds a large number, > net/sched/sch_qfq.c > allows a out-of-bounds read/write error, detriment system's integrity. > > [Backport] > It is a clean cherry pick for all affected releases. > > [Test] > Compile and smoke tested via modprobe and rmmod the sch_fq module. > > [Potential Regression] > Expecting little regression potential since the patch only adds an > additional > layer of checking without manipulating the memory. > > Gwangun Jung (1): > net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg > > net/sched/sch_qfq.c | 13 +++++++------ > 1 file changed, 7 insertions(+), 6 deletions(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team >