blob: aaaa530a3b098e734ad6d729eee74cce64539288 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: io_uring: ensure IOPOLL locks around deferred work
References:
https://source.android.com/security/bulletin/pixel/2023-07-01
https://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html
https://www.openwall.com/lists/oss-security/2023/07/14/2
https://www.openwall.com/lists/oss-security/2023/07/25/9
https://twitter.com/VAR10CK/status/1683303642173153280
Notes:
carnil> No upstream commit exists as the issue has been fixed in 5.18
carnil> development as part of a larger rework of the completion side.
Bugs:
upstream: released (5.18)
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.188) [810e401b34c4c4c244d8b93b9947ea5b3d4d49f8]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.18.2-1)
6.1-bookworm-security: N/A "Fixed before branching point"
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: N/A "Vulnerable code not present"
|