blob: 30550f7104adbf9910cfd421f29d5b72cabf8ee6 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: net/ulp: prevent ULP without clone op from entering the LISTEN status
References:
https://ubuntu.com/security/CVE-2023-0461
https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c
Notes:
carnil> To reach the vulnerability it is said that the kernel needs to
carnil> be configured with CONFIG_TLS or CONFIG_XFRM_ESPINTCP. While
carnil> code present the issue should not be exploitable for privilege
carnil> escalation in bullseye and earlier.
Bugs:
upstream: released (6.2-rc3) [2c02d41d71f90a5168391b6a5f2954112ba2307c]
6.1-upstream-stable: released (6.1.5) [7d242f4a0c8319821548c7176c09a6e0e71f223c]
5.10-upstream-stable: released (5.10.163) [f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0]
4.19-upstream-stable: released (4.19.270) [755193f2523ce5157c2f844a4b6d16b95593f830]
sid: released (6.1.7-1)
5.10-bullseye-security: released (5.10.178-1)
4.19-buster-security: released (4.19.282-1)
|
