oss-sec mailing list archives

Re: [CVE-2023-42755] Linux kernel wild pointer access <= v6.2

From: Kyle Zeng <zengyhkyle () gmail com>
Date: Mon, 25 Sep 2023 15:26:01 -0700

[Patch]
The patch is to follow the upstream and retire the rsvp classifier in
all the stable trees.
And it is queued in all the stable trees, but not merged yet.
For example, the patch for v6.1 can be found here:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/diff/queue-6.1/net-sched-retire-rsvp-classifier.patch?id=f75b6fc19b6ec061f59b4e18d72ebb32ceea8587

Correction: as pointed out by Brad Spengler, the patch was merged into
stable trees 2 days ago. For example, the patch for v6.1 can be found here:
https://github.com/gregkh/linux/commit/b93aeb6352b0229e3c5ca5ca4ff015b015aff33c

Thanks,
Kyle Zeng

Current thread:

[CVE-2023-42755] Linux kernel wild pointer access <= v6.2 Kyle Zeng (Sep 25)
- Re: [CVE-2023-42755] Linux kernel wild pointer access <= v6.2 Greg KH (Sep 26)
- Re: [CVE-2023-42755] Linux kernel wild pointer access <= v6.2 Kyle Zeng (Sep 26)
- Re: [CVE-2023-42755] Linux kernel wild pointer access <= v6.2 Greg KH (Sep 26)