path: root/retired/CVE-2022-2905
blob: 710eb13a0106d1934b2991da5ecc4b504ec1f85e
Description: bpf: Don't use tnum_range on array range checking for poke descriptors
References:
 https://lore.kernel.org/all/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel@iogearbox.net/
 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=a657182a5c5150cdfacb6640aad1d2712571a409
 https://www.openwall.com/lists/oss-security/2022/08/26/1
 https://bugzilla.redhat.com/show_bug.cgi?id=2121800
Notes:
 carnil> Introduced by d2e4c1e6c294 ("bpf: Constant map key tracking for
 carnil> prog array pokes") in 5.5-rc1.
 carnil> Fixed as well in 5.19.6 for 5.19.y.
Bugs:
upstream: released (6.0-rc4) [a657182a5c5150cdfacb6640aad1d2712571a409]
5.10-upstream-stable: released (5.10.140) [e8979807178434db8ceaa84dfcd44363e71e50bb]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.19.6-1)
5.10-bullseye-security: released (5.10.140-1)
4.19-buster-security: N/A "Vulnerable code not present"
