| Message ID | 20230731145003.13459-2-yuxuan.luo@canonical.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <kernel-team-bounces@lists.ubuntu.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=<UNKNOWN>) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=aFBPjuCi; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RF1PS065vz20G9 for <incoming@patchwork.ozlabs.org>; Tue, 1 Aug 2023 00:50:19 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from <kernel-team-bounces@lists.ubuntu.com>) id 1qQUDp-0004pp-PQ; Mon, 31 Jul 2023 14:50:09 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from <yuxuan.luo@canonical.com>) id 1qQUDo-0004pZ-2w for kernel-team@lists.ubuntu.com; Mon, 31 Jul 2023 14:50:08 +0000 Received: from mail-ot1-f72.google.com (mail-ot1-f72.google.com [209.85.210.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id AF14C3F10A for <kernel-team@lists.ubuntu.com>; Mon, 31 Jul 2023 14:50:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1690815007; bh=dKYK3Lj5MY9W0aHcp1oGZ/ir1ckGa/wvJgLWDK8h8fw=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=aFBPjuCiEyi+5vK4ylQy7kSnb/jWVW5/whu2gRxkRKW/UvPvg186L05CnJhKaPYhf OcIjDFQJ9Wd0Dn74Kcz+Di3TzcYyVk4Sxb8pLAVy4GKr4NkO0lp6pbA45692BoBGu2 sh8+H8NYCfkRDNkDSyt9r0jmJLYaEjJijFkP0NHQjjrqrUIVTGH6V9nMK5Y1o7m+fZ HJlHw/HS70W4jh9cIB6D5V2VznzsP8xMenbYuTn6wO9cEjIRNX1auWf+7DLbbzUFA7 xB53aW6UixhQNKhGEI8Z4AqZrLPVzNTv6TbR2JvInLwx/1HjUf2aU1Tphvahs4WypI 6oFwR731mqBEA== Received: by mail-ot1-f72.google.com with SMTP id 46e09a7af769-6bc807e99adso5753758a34.2 for <kernel-team@lists.ubuntu.com>; Mon, 31 Jul 2023 07:50:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690815006; x=1691419806; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dKYK3Lj5MY9W0aHcp1oGZ/ir1ckGa/wvJgLWDK8h8fw=; b=QneEFVIYP+AFaCQywIQx5swbXXt7tGbObFwUqMrjJtD62iwPmmu/0HRcvV8YfoF79+ feK4VjlE0BRhu+fO0LseG8Ox+UXolyVJ1ZId1VkhJMVU+G/nr4iozYTlY0XJ3syn/FiC uGjvxME9prulC9cCTSvWLKoTZuFuDcycuc5Q5+lS8hx7ZhtAbZ8yViCoeE3HmZ5zdQcf ExITR0x+s8jJwCpU+dRZ7Poi0nXVw+c4n3M1E4a59h0YpIakAMi2ArCBOECCbtQIzUWq FDk6Q+w9JSbBdnnMceu3iKkrwo5/1IYh1sF4Ni1f/kHKJ1xn2xnuNNlC9Q3g0sNHIS6R 5s8g== X-Gm-Message-State: ABy/qLbglekH1OFK2kpajIN8JdcjPyUY68ev0RvCAcL+D/wKIGkKDbSp cOQRQPUH5jVZRox4Owh0rUgWhIWYftKU+HMVcD1H06Y6KGm+Syu49cjNHASktB1PxszuJWUgZCa 5fgw0LGb0Nl/Y9ekGAHMhFlsYPNPBa0NL8pGr6Rd42Sn159KP1w== X-Received: by 2002:a05:6358:419b:b0:134:ce45:b782 with SMTP id w27-20020a056358419b00b00134ce45b782mr165008rwc.21.1690815006196; Mon, 31 Jul 2023 07:50:06 -0700 (PDT) X-Google-Smtp-Source: APBJJlHjD6Qak2QTRf8HApYYpeOLE7dOokupMK3u1yYpTygkYN9IWm0jFA/D/ilnZSiX7rNe+9XUfw== X-Received: by 2002:a05:6358:419b:b0:134:ce45:b782 with SMTP id w27-20020a056358419b00b00134ce45b782mr164996rwc.21.1690815005865; Mon, 31 Jul 2023 07:50:05 -0700 (PDT) Received: from cache-ubuntu.hsd1.nj.comcast.net ([2601:86:200:98b0:efbf:72b2:3777:4551]) by smtp.gmail.com with ESMTPSA id 3-20020ac85743000000b00403b44bc230sm3539317qtx.95.2023.07.31.07.50.05 for <kernel-team@lists.ubuntu.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 31 Jul 2023 07:50:05 -0700 (PDT) From: Yuxuan Luo <yuxuan.luo@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 1/1] prlimit: do_prlimit needs to have a speculation check Date: Mon, 31 Jul 2023 10:50:03 -0400 Message-Id: <20230731145003.13459-2-yuxuan.luo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230731145003.13459-1-yuxuan.luo@canonical.com> References: <20230731145003.13459-1-yuxuan.luo@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com> List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe> List-Archive: <https://lists.ubuntu.com/archives/kernel-team> List-Post: <mailto:kernel-team@lists.ubuntu.com> List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help> List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com> |
| Series |
CVE-2023-0458
|
expand
|
diff --git a/kernel/sys.c b/kernel/sys.c index 1452780c2aff..dc4857fb1b60 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -1454,6 +1454,8 @@ static int do_prlimit(struct task_struct *tsk, unsigned int resource, if (resource >= RLIM_NLIMITS) return -EINVAL; + resource = array_index_nospec(resource, RLIM_NLIMITS); + if (new_rlim) { if (new_rlim->rlim_cur > new_rlim->rlim_max) return -EINVAL;