Yes. There are a number of these that have been addressed in later releases but not ported back to 5.15 or 5.10. I would send backports to stable-queue but I don't know how. Also, I can't really test items here, so all I could say was that the kernel builds (and maybe boots).
Joe > -----Original Message----- > From: Bruce Ashfield <[email protected]> > Sent: Thursday, April 21, 2022 5:50 AM > To: Slater, Joseph <[email protected]> > Cc: Linux Yocto <[email protected]>; MacLeod, Randy > <[email protected]> > Subject: Re: [5.15][PATCH 0/2] Fix CVE-2022-28796 > > On Thu, Apr 14, 2022 at 4:20 PM Joe Slater <[email protected]> wrote: > > > > Two cherry-picks from v5.17-rc3 and v5.18-rc1. The first extracts > > some common code into a new function. The second fixes the CVE in > > this new function. Merge failure in a comment in jbd2.h had to be fixed. > > Code applied cleanly. > > > > Applied to v5.15/standard/base (after v5.15.32 tag) and compiled. > > I was waiting to see if this looped around to 5.15-stable, but I haven't seen > it in > that queue yet .. since that is always the preferred path for these sorts of > things. > > It did show up in 5.17-stable, but nothing earlier than that. > > I've grabbed the changes and will do some local testing. > > Bruce > > > > > Ritesh Harjani (2): > > jbd2: refactor wait logic for transaction updates into a common > > function > > jbd2: fix use-after-free of transaction_t race > > > > fs/jbd2/commit.c | 19 ++----------- > > fs/jbd2/transaction.c | 66 > > ++++++++++++++++++++++++++++--------------- > > include/linux/jbd2.h | 4 ++- > > 3 files changed, 49 insertions(+), 40 deletions(-) > > > > -- > > 2.25.1 > > > > > -- > - Thou shalt not follow the NULL pointer, for chaos and madness await thee at > its end > - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#11229): https://lists.yoctoproject.org/g/linux-yocto/message/11229 Mute This Topic: https://lists.yoctoproject.org/mt/90473462/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
