[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] [CVE-2023-42755] Linux kernel wild pointer access <= v6.2
From:       Greg KH <greg () kroah ! com>
Date:       2023-09-26 9:50:37
Message-ID: ZRKpbYtTL0OYpzKy () kroah ! com
[Download RAW message or body]

On Mon, Sep 25, 2023 at 01:13:19PM -0700, Kyle Zeng wrote:
> [Patch]
> The patch is to follow the upstream and retire the rsvp classifier in
> all the stable trees.
> And it is queued in all the stable trees, but not merged yet.
> For example, the patch for v6.1 can be found here:
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/diff/queue-6.1/net-sched-retire-rsvp-classifier.patch?id=f75b6fc19b6ec061f59b4e18d72ebb32ceea8587
> 

This change is in released kernels already, specifically all of the
following ones:
	4.14.326 4.19.295 5.4.257 5.10.197 5.15.133 6.1.55 6.3

Perhaps this advisory was written before those kernels were released?

> [Affected Version]
> I confirmed that this bug affects v6.2, v6.1, v5.15, v5.10, v5.4,
> v4.19, and v4.14.

v6.2 is long end-of-life, sorry, that's not going to be fixed.  But for
all of the other versions you quote above, it should now be resolved.

thanks,

greg k-h


[prev in list] [next in list] [prev in thread] [next in thread]