| Message ID | 20231121210416.50033-1-bethany.jamison@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2023-6176 | expand |
Acked-by: Jacob Martin <jacob.martin@canonical.com> On 11/21/23 3:04 PM, Bethany Jamison wrote: > [Impact] > > A null pointer dereference flaw was found in the Linux kernel API for the > cryptographic algorithm scatterwalk functionality. This issue occurs when a > user constructs a malicious packet with specific socket configuration, > which could allow a local user to crash the system or escalate their > privileges on the system. > > [Fix] > > Clean cherry-pick. > > [Test Case] > > Compile and boot test. > > [Where problems could occur] > > Issues could occur in tls. > > v2: > added Jammy and Lunar tags to patch 1/1 > > v3: > added provenance line > > Liu Jian (1): > net/tls: do not free tls_rec on async operation in > bpf_exec_tx_verdict() > > net/tls/tls_sw.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) >
On Tue, Nov 21, 2023 at 03:04:15PM -0600, Bethany Jamison wrote: > [Impact] > > A null pointer dereference flaw was found in the Linux kernel API for the > cryptographic algorithm scatterwalk functionality. This issue occurs when a > user constructs a malicious packet with specific socket configuration, > which could allow a local user to crash the system or escalate their > privileges on the system. > > [Fix] > > Clean cherry-pick. > > [Test Case] > > Compile and boot test. > > [Where problems could occur] > > Issues could occur in tls. > > v2: > added Jammy and Lunar tags to patch 1/1 > > v3: > added provenance line > > Liu Jian (1): > net/tls: do not free tls_rec on async operation in > bpf_exec_tx_verdict() > > net/tls/tls_sw.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team Acked-by: Manuel Diewald <manuel.diewald@canonical.com>
On 21/11/2023 22:04, Bethany Jamison wrote: > [Impact] > > A null pointer dereference flaw was found in the Linux kernel API for the > cryptographic algorithm scatterwalk functionality. This issue occurs when a > user constructs a malicious packet with specific socket configuration, > which could allow a local user to crash the system or escalate their > privileges on the system. > > [Fix] > > Clean cherry-pick. > > [Test Case] > > Compile and boot test. > > [Where problems could occur] > > Issues could occur in tls. > > v2: > added Jammy and Lunar tags to patch 1/1 > > v3: > added provenance line > > Liu Jian (1): > net/tls: do not free tls_rec on async operation in > bpf_exec_tx_verdict() > > net/tls/tls_sw.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > Applied to mantic,lunar,jammy:master-next. Thanks! Roxana
[Impact] A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system. [Fix] Clean cherry-pick. [Test Case] Compile and boot test. [Where problems could occur] Issues could occur in tls. v2: added Jammy and Lunar tags to patch 1/1 v3: added provenance line Liu Jian (1): net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() net/tls/tls_sw.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)