X-Patchwork-Submitter: Juerg Haefliger
X-Patchwork-Id: 1953830
From: Juerg Haefliger
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F][PATCH 0/1] CVE-2022-48674
Date: Fri, 28 Jun 2024 10:23:46 +0200
Message-Id: <20240628082347.3176650-1-juerg.haefliger@canonical.com>

https://ubuntu.com/security/CVE-2022-48674

[ Impact ]

During stress testing with CONFIG_SMP disabled, KASAN reports as below:

==================================================================
BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30
Read of size 8 at addr ffff8881094223f8 by task stress/7789

[ Test Case ]

Compile tested only.

[ Where Problems Could Occur ]

Isolated to the erofs driver. Only users of that filesystem may encounter
an issue. But CONFIG_SMP is enabled in Ubuntu so this change should not make
any difference at all.

Gao Xiang (1):
  erofs: fix pcluster use-after-free on UP platforms

 fs/erofs/internal.h | 29 -----------------------------
 1 file changed, 29 deletions(-)

Acked-by: Manuel Diewald
Acked-by: Stefan Bader