retired/CVE-2022-24122


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

Description: ucount:  Make get_ucount a safe get_user replacement
References:
 https://www.openwall.com/lists/oss-security/2022/01/29/1
Notes:
 carnil> Introduced in v5.14-rc1 with merge of d64696905554
 carnil> ("Reimplement RLIMIT_SIGPENDING on top of ucounts"),
 carnil> 6e52a9f0532f ("Reimplement RLIMIT_MSGQUEUE on top of ucounts")
 carnil> and d7c9e99aee48 ("Reimplement RLIMIT_MEMLOCK on top of
 carnil> ucounts").
Bugs:
upstream: released (5.17-rc2) [f9d87929d451d3e649699d0f1d74f71f77ad38f5]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.15.15-2) [bugfix/all/ucount-Make-get_ucount-a-safe-get_user-replacement.patch]
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"