blob: de692f1287bb5b36b03119d1ef2872a9f7dec8a2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: io_uring: fix xa_alloc_cycle() error return value check
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1997328
https://bugzilla.suse.com/show_bug.cgi?id=1197393
https://github.com/opensrcsec/same_type_object_reuse_exploits/blob/main/cve-2022-1043.c
Notes:
carnil> Introduced by 61cf93700fe6 ("io_uring: Convert personality_idr
carnil> to XArray") in 5.12-rc3 (got backported to 5.10.51).
Bugs:
upstream: released (5.14-rc7) [a30f895ad3239f45012e860d4f94c1a388b36d14]
5.10-upstream-stable: released (5.10.61) [695ab28a7fa107d0350ab19eba8ec89fac45a95d]
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.14.6-1)
5.10-bullseye-security: released (5.10.70-1)
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"
|
