| Message ID | 20220127205812.34060-1-cascardo@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2022-22942 | expand |
On Thu, Jan 27, 2022 at 12:59 PM Thadeu Lima de Souza Cascardo < cascardo@canonical.com> wrote: > [Impact] > Unprivileged users with DRM access on a system using vmwgfx could gain > access to files opened by other processes. > > [Fix] > Backports were provided by author and tested on kernels 4.15, 5.4, 5.10, > 5.11, 5.13, 5.14 and 5.15. > > [Test case] > A program that exercises the changed path gets EFAULT as expected. > > [Potential regression] > Only vmwgfx users should be affected. > > Mathias Krause (1): > UBUNTU: SAUCE: drm/vmwgfx: Fix stale file descriptors on failed > usercopy > > drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 5 ++-- > drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 34 ++++++++++++------------- > drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2 +- > drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 +- > 4 files changed, 21 insertions(+), 22 deletions(-) > > -- > 2.32.0 > > Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com> - Luke > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team >
Acked-by: Ian May <ian.may@canonical.com> On 2022-01-27 17:58:10 , Thadeu Lima de Souza Cascardo wrote: > [Impact] > Unprivileged users with DRM access on a system using vmwgfx could gain > access to files opened by other processes. > > [Fix] > Backports were provided by author and tested on kernels 4.15, 5.4, 5.10, > 5.11, 5.13, 5.14 and 5.15. > > [Test case] > A program that exercises the changed path gets EFAULT as expected. > > [Potential regression] > Only vmwgfx users should be affected. > > Mathias Krause (1): > UBUNTU: SAUCE: drm/vmwgfx: Fix stale file descriptors on failed > usercopy > > drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 5 ++-- > drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 34 ++++++++++++------------- > drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2 +- > drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 +- > 4 files changed, 21 insertions(+), 22 deletions(-) > > -- > 2.32.0 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
On 27.1.2022 22.58, Thadeu Lima de Souza Cascardo wrote: > [Impact] > Unprivileged users with DRM access on a system using vmwgfx could gain > access to files opened by other processes. > > [Fix] > Backports were provided by author and tested on kernels 4.15, 5.4, 5.10, > 5.11, 5.13, 5.14 and 5.15. > > [Test case] > A program that exercises the changed path gets EFAULT as expected. > > [Potential regression] > Only vmwgfx users should be affected. > > Mathias Krause (1): > UBUNTU: SAUCE: drm/vmwgfx: Fix stale file descriptors on failed > usercopy > > drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 5 ++-- > drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 34 ++++++++++++------------- > drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2 +- > drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 +- > 4 files changed, 21 insertions(+), 22 deletions(-) > applied to oem-5.14, thanks
On Thu, Jan 27, 2022 at 05:58:10PM -0300, Thadeu Lima de Souza Cascardo wrote: > [Impact] > Unprivileged users with DRM access on a system using vmwgfx could gain > access to files opened by other processes. > > [Fix] > Backports were provided by author and tested on kernels 4.15, 5.4, 5.10, > 5.11, 5.13, 5.14 and 5.15. > > [Test case] > A program that exercises the changed path gets EFAULT as expected. > > [Potential regression] > Only vmwgfx users should be affected. Applied to jammy/linux, thanks! -Andrea
[Impact] Unprivileged users with DRM access on a system using vmwgfx could gain access to files opened by other processes. [Fix] Backports were provided by author and tested on kernels 4.15, 5.4, 5.10, 5.11, 5.13, 5.14 and 5.15. [Test case] A program that exercises the changed path gets EFAULT as expected. [Potential regression] Only vmwgfx users should be affected. Mathias Krause (1): UBUNTU: SAUCE: drm/vmwgfx: Fix stale file descriptors on failed usercopy drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 5 ++-- drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 34 ++++++++++++------------- drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 +- 4 files changed, 21 insertions(+), 22 deletions(-)