mbox series

[SRU,Bionic,Focal,Jammy,Kinetic,0/1] CVE-2023-26545

Message ID 20230315233626.935873-1-cengiz.can@canonical.com
Headers show
Series CVE-2023-26545 | expand

Message

Cengiz Can March 15, 2023, 11:36 p.m. UTC 
[Impact]
In the Linux kernel before 6.1.13, there is a double free in
net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table
under a new location) during the renaming of a device.

[Fix]
Clean cherry-pick from upstream.

[Test case]
Boot and basic frame TX/RX tested using Etherate (MT) MPLS Testing Tool.

[Potential regression]
Low. Only empties a pointer and adds a null check for it.

Jakub Kicinski (1):
  net: mpls: fix stale pointer if allocation fails during device rename

 net/mpls/af_mpls.c | 4 ++++
 1 file changed, 4 insertions(+)

--
2.37.2

Comments

Stefan Bader March 16, 2023, 8:53 a.m. UTC | #1 
On 16.03.23 00:36, Cengiz Can wrote:
> [Impact]
> In the Linux kernel before 6.1.13, there is a double free in
> net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table
> under a new location) during the renaming of a device.
> 
> [Fix]
> Clean cherry-pick from upstream.
> 
> [Test case]
> Boot and basic frame TX/RX tested using Etherate (MT) MPLS Testing Tool.
> 
> [Potential regression]
> Low. Only empties a pointer and adds a null check for it.
> 
> Jakub Kicinski (1):
>    net: mpls: fix stale pointer if allocation fails during device rename
> 
>   net/mpls/af_mpls.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> --
> 2.37.2
> 
> 

Acked-by: Stefan Bader <stefan.bader@canonical.com>
Luke Nowakowski-Krijger March 16, 2023, 8:12 p.m. UTC | #2 
Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com>

On Wed, Mar 15, 2023 at 4:37 PM Cengiz Can <cengiz.can@canonical.com> wrote:

> [Impact]
> In the Linux kernel before 6.1.13, there is a double free in
> net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl
> table
> under a new location) during the renaming of a device.
>
> [Fix]
> Clean cherry-pick from upstream.
>
> [Test case]
> Boot and basic frame TX/RX tested using Etherate (MT) MPLS Testing Tool.
>
> [Potential regression]
> Low. Only empties a pointer and adds a null check for it.
>
> Jakub Kicinski (1):
>   net: mpls: fix stale pointer if allocation fails during device rename
>
>  net/mpls/af_mpls.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> --
> 2.37.2
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
Luke Nowakowski-Krijger March 16, 2023, 8:31 p.m. UTC | #3 
Applied to bionic, focal, jammy, and kinetic linux master-next

Thanks!
- Luke

On Wed, Mar 15, 2023 at 4:37 PM Cengiz Can <cengiz.can@canonical.com> wrote:

> [Impact]
> In the Linux kernel before 6.1.13, there is a double free in
> net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl
> table
> under a new location) during the renaming of a device.
>
> [Fix]
> Clean cherry-pick from upstream.
>
> [Test case]
> Boot and basic frame TX/RX tested using Etherate (MT) MPLS Testing Tool.
>
> [Potential regression]
> Low. Only empties a pointer and adds a null check for it.
>
> Jakub Kicinski (1):
>   net: mpls: fix stale pointer if allocation fails during device rename
>
>  net/mpls/af_mpls.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> --
> 2.37.2
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>