mbox series

[Focal,Jammy,OEM-5.17,Kinetic,OEM-6.0,OEM-6.1,Lunar,0/1] LP: #2023577

Message ID	20230612174212.3173660-1-cascardo@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [Focal, Jammy, OEM-5.17, Kinetic, OEM-6.0, OEM-6.1, Lunar 0/1] LP: #2023577 Date: Mon, 12 Jun 2023 14:42:11 -0300 Message-Id: <20230612174212.3173660-1-cascardo@canonical.com> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	LP: #2023577 \| expand [Focal,Jammy,OEM-5.17,Kinetic,OEM-6.0,OEM-6.1,Lunar,0/1] LP: #2023577 [Focal,Jammy,OEM-5.17,Kinetic,OEM-6.0,OEM-6.1,Lunar,1/1] net/sched: flower: fix possible OOB write …

Message ID

20230612174212.3173660-1-cascardo@canonical.com

Headers

From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [Focal, Jammy, OEM-5.17, Kinetic, OEM-6.0, OEM-6.1,
 Lunar 0/1] LP: #2023577
Date: Mon, 12 Jun 2023 14:42:11 -0300
Message-Id: <20230612174212.3173660-1-cascardo@canonical.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

LP: #2023577 | expand

Message

Thadeu Lima de Souza Cascardo June 12, 2023, 5:42 p.m. UTC

[Impact]
An unprivileged user may cause an out-of-bounds write by setting up geneve
options on the flower classifier.

[Test case]
https://seclists.org/oss-sec/2023/q2/219

[Potential regression]
Users setting up geneve options on the flower tc classifier can be affected.

Hangyu Hua (1):
  net/sched: flower: fix possible OOB write in fl_set_geneve_opt()

 net/sched/cls_flower.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Khalid Elmously June 12, 2023, 6:01 p.m. UTC | #1

Acked-by: Khalid Elmously <khalid.elmously@canonical.com>

On 2023-06-12 14:42:11 , Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>   net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>  net/sched/cls_flower.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> -- 
> 2.34.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Ian May June 12, 2023, 6:11 p.m. UTC | #2

Acked-by: Ian May <ian.may@canonical.com>

On 2023-06-12 14:42:11 , Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>   net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>  net/sched/cls_flower.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> -- 
> 2.34.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Andrei Gherzan June 13, 2023, 12:30 p.m. UTC | #3

On 23/06/12 02:42PM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>   net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>  net/sched/cls_flower.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> -- 
> 2.34.1

Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>

Andrei Gherzan June 13, 2023, 1:03 p.m. UTC | #4

On 23/06/12 02:42PM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>   net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>  net/sched/cls_flower.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> -- 
> 2.34.1

Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>

Timo Aaltonen June 13, 2023, 1:41 p.m. UTC | #5

Thadeu Lima de Souza Cascardo kirjoitti 12.6.2023 klo 20.42:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>    net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>   net/sched/cls_flower.c | 3 +++
>   1 file changed, 3 insertions(+)
> 

applied to oem kernels, thanks

Stefan Bader June 14, 2023, 9:51 a.m. UTC | #6

On 12.06.23 19:42, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may cause an out-of-bounds write by setting up geneve
> options on the flower classifier.
> 
> [Test case]
> https://seclists.org/oss-sec/2023/q2/219
> 
> [Potential regression]
> Users setting up geneve options on the flower tc classifier can be affected.
> 
> Hangyu Hua (1):
>    net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
> 
>   net/sched/cls_flower.c | 3 +++
>   1 file changed, 3 insertions(+)
> 

Applied to lunar,kinetic,jammy,focal:linux/master-next. Thanks.

-Stefan