summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2023-28327
blob: ef33831e8c991a4c4b00f0a2a7e05c1172b10553 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: af_unix: Get user_ns from in_skb in unix_diag_get_exact().
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2177382
 https://lore.kernel.org/netdev/CAO4mrfdvyjFpokhNsiwZiP-wpdSD0AStcJwfKcKQdAALQ9_2Qw@mail.gmail.com/
 https://lore.kernel.org/netdev/e04315e7c90d9a75613f3993c2baf2d344eef7eb.camel@redhat.com/
 https://lore.kernel.org/netdev/20221127012412.37969-3-kuniyu@amazon.com/T/
Notes:
 carnil> Commit fixes cae9910e7344 ("net: Add UNIX_DIAG_UID to Netlink
 carnil> UNIX socket diagnostics.") in 5.3-rc1.
Bugs:
upstream: released (6.1) [b3abe42e94900bdd045c472f9c9be620ba5ce553]
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.159) [575a6266f63dbb3b8eb1da03671451f0d81b8034]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.1.4-1)
5.10-bullseye-security: released (5.10.162-1)
4.19-buster-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy