| Message ID | 20240112220508.113317-1-yuxuan.luo@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2023-6560 | expand |
Acked-by: Jacob Martin <jacob.martin@canonical.com> On 1/12/24 4:05 PM, Yuxuan Luo wrote: > [Impact] > It has been found that io_uring lacks checking user allocated > discontigous pages in io_uring.c which is not supported at the moment. > Failing to do so might leads to out-of-bound read, leading to potential > memory leak or system crash. > > [Backport] > It is a clean cherry pick. > > [Test] > Tested against test suite in liburing. > > [Potential Regression] > Regression might occur when users allocating memory for their > application using io_uring. > > Jens Axboe (1): > io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP > > io_uring/io_uring.c | 39 +++++++++++++++++++++------------------ > 1 file changed, 21 insertions(+), 18 deletions(-) >
On 12/01/2024 23:05, Yuxuan Luo wrote: > [Impact] > It has been found that io_uring lacks checking user allocated > discontigous pages in io_uring.c which is not supported at the moment. > Failing to do so might leads to out-of-bound read, leading to potential > memory leak or system crash. > > [Backport] > It is a clean cherry pick. > > [Test] > Tested against test suite in liburing. > > [Potential Regression] > Regression might occur when users allocating memory for their > application using io_uring. > > Jens Axboe (1): > io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP > > io_uring/io_uring.c | 39 +++++++++++++++++++++------------------ > 1 file changed, 21 insertions(+), 18 deletions(-) > Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
On 12-01-2024 23:05, Yuxuan Luo wrote: > [Impact] > It has been found that io_uring lacks checking user allocated > discontigous pages in io_uring.c which is not supported at the moment. > Failing to do so might leads to out-of-bound read, leading to potential > memory leak or system crash. > > [Backport] > It is a clean cherry pick. > > [Test] > Tested against test suite in liburing. > > [Potential Regression] > Regression might occur when users allocating memory for their > application using io_uring. > > Jens Axboe (1): > io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP > > io_uring/io_uring.c | 39 +++++++++++++++++++++------------------ > 1 file changed, 21 insertions(+), 18 deletions(-) > Acked-by: Thibault Ferrante <thibault.ferrante@canonical.com> -- Thibault
On 24/01/12 05:05PM, Yuxuan Luo wrote: > [Impact] > It has been found that io_uring lacks checking user allocated > discontigous pages in io_uring.c which is not supported at the moment. > Failing to do so might leads to out-of-bound read, leading to potential > memory leak or system crash. > > [Backport] > It is a clean cherry pick. > > [Test] > Tested against test suite in liburing. > > [Potential Regression] > Regression might occur when users allocating memory for their > application using io_uring. > > Jens Axboe (1): > io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP > > io_uring/io_uring.c | 39 +++++++++++++++++++++------------------ > 1 file changed, 21 insertions(+), 18 deletions(-) Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>
On 12.01.24 23:05, Yuxuan Luo wrote: > [Impact] > It has been found that io_uring lacks checking user allocated > discontigous pages in io_uring.c which is not supported at the moment. > Failing to do so might leads to out-of-bound read, leading to potential > memory leak or system crash. > > [Backport] > It is a clean cherry pick. > > [Test] > Tested against test suite in liburing. > > [Potential Regression] > Regression might occur when users allocating memory for their > application using io_uring. > > Jens Axboe (1): > io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP > > io_uring/io_uring.c | 39 +++++++++++++++++++++------------------ > 1 file changed, 21 insertions(+), 18 deletions(-) > Applied to mantic:linux/master-next. Thanks. -Stefan